I’ve recently been asked a few times about a common issue that many on-premise Exchange administrators encounter when transitioning to Office 365 so I thought I’d write a quick blog post outlining how to modify or add email addresses to an Office 365 mailbox for a user account that is synced with an on-premise Active Directory.
Problem
You attempt to use the Exchange Admin Center to add an additional email address or modify the primary email address of an Office 365 mailbox but receive the following error:
The operation on mailbox “<username>” failed because it’s out of the current user’s write scope. The action ‘Set-Mailbox’, ‘EmailAddresses’, can’t be performed on the object ‘<username>’ because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.
Attempting to use the Microsoft 365 admin center yields the same results:
The operation on mailbox “TestO365” failed because it’s out of the current user’s write scope. The action ‘Set-Mailbox’, ‘EmailAddresses’, can’t be performed on the object ‘TestO365’ because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.
Solution
The way to add or modify email addresses for Office 365 mailboxes for user accounts that are synced with an on-premise Active Directory is to modify the proxyAddress attribute for the user account:
Prepending the email address with SMTP: capitalized will configure the primary email address for the account:
Additional email address aliases can be configured with smtp: in lower case.
Once the changes have been made to the account from the on-premise Active Directory, proceed to forcing a synchronization on the server with AD Connect to synchronize the changes to the account in Azure AD.
Start-ADSyncSyncCycle -PolicyType Delta