Topic Last Modified: 2011-01-25
Federated sharing requires an immutable identifier that uniquely
identifies a mailbox to other Exchange organizations. The immutable
identifier (immutable ID) must be explicitly set on each
cloud-based mailbox and should match the user principal name (UPN)
of the mailbox. The ImmutableID property must be set on
the on-premises object associated with the cloud-based mailbox,
which is then synchronized to the cloud-based
organization.
Learn more at: Understanding Federated
Delegation
 Caution: |
| This topic is meant to be read as part of the Microsoft
Office 365 Coexistence with Exchange 2003 checklist.
Information or procedures in this topic may depend on prerequisites
configured in topics earlier in the checklist. To view the
checklist, see Checklist - Office 365
Coexistence with Exchange 2003. |
How do I configure a mailbox that's
been moved to the cloud-based organization?
You need to be assigned permissions before you can
perform this procedure. To see what permissions you need, see the
"Mail user" entry in Mailbox
Permissions.
In the Exchange Management Shell on the coexistence
server, do the following to set the immutable ID of a mail user to
the UPN of that mail user.
- Retrieve the UPN of the mail user you want to configure.
|
|
 Copy Code |
Get-MailUser david | Format-Table Name, Alias, UserPrincipalName
|
- Set an unused property on the mail user to upgrade it to a
version that can be managed by the coexistence server. In this
example, the ModeratedBy property is used. Respond "Yes" to
the prompt asking if you want to upgrade the object.
|
|
Copy Code |
Set-MailUser david -ModeratedBy administrator
|
- Set the immutable ID of the mail user to the mail user's
UPN.
|
|
Copy Code |
Set-MailUser david -ImmutableID david@contoso.com
|
- Clear the property that was set to upgrade the object. Respond
"Yes" to the prompt asking if you want to upgrade the object.
|
|
Copy Code |
Set-MailUser david -ModeratedBy $Null
|
If you don't want to set this property individually for
each mailbox that's moved to the cloud, you can use the following
commands to configure the mailboxes in bulk. Run these commands
each time you move one or more mailboxes to the cloud.
- Retrieve a list of all mail users that don't have a value set
for the immutable ID and that also have an external e-mail address
that points to the cloud-based SMTP namespace. Replace
"service.contoso.com" with your cloud-based SMTP namespace, but be
sure to keep the wildcard character ( * ).
|
|
Copy Code |
$MailUsers = Get-MailUser -Filter {(ImmutableID -Eq $Null) -And (ExternalEmailAddress -Like "*service.contoso.com") }
|
- Set the UPN on the immutable ID for each mail user that's
returned. The UPN is taken from the UserPrincipalName
property on the mail user and set on the ImmutableID
property. This example uses the ModeratedBy property to
upgrade the mail user to a version the coexistence server can
manage. Choose another property if your organization already uses
the ModeratedBy property.
|
|
Copy Code |
$MailUsers | ForEach {Set-MailUser $_.Alias -ModeratedBy Administrator -ForceUpgrade; Set-MailUser $_.Alias -ImmutableId $_.UserPrincipalName; Set-MailUser $_.Alias -ModeratedBy $Null -ForceUpgrade}
|
How do I configure a mailbox that's
been created in the cloud-based organization?
You need to be assigned permissions before you can
perform this procedure. To see what permissions you need, see the
"Remote mailboxes" entry in Mailbox
Permissions.
In the Shell on the coexistence server, do the
following to set the immutable ID of a remote mailbox to the UPN of
that mail user.
- Retrieve the UPN of the remote mailbox you want to
configure.
|
|
Copy Code |
Get-RemoteMailbox david | Format-Table Name, Alias, UserPrincipalName
|
- Set the immutable ID of the remote mailbox to the remote
mailbox's UPN.
|
|
Copy Code |
Set-RemoteMailbox david -ImmutableID david@contoso.com
|
If you don't want to set this property individually for
each mailbox that's moved to the cloud, you can use the following
commands to configure the mailboxes in bulk. Run these commands
each time you move one or more mailboxes to the cloud.
- Retrieve a list of all remote mailboxes that don't have a value
set for the immutable ID.
|
|
Copy Code |
$RemoteMailboxes = Get-RemoteMailbox -Filter {ImmutableID -Eq $Null}
|
- Set the UPN on the immutable ID for each remote mailbox that's
returned. The UPN is taken from the UserPrincipalName
property on the mail user and set on the ImmutableID
property.
|
|
Copy Code |
$RemoteMailboxes | ForEach {Set-RemoteMailbox $_.Alias -ImmutableId $_.UserPrincipalName}
|
How do I know this worked?
To verify that you've set the immutable ID of a mail
user or remote mailbox object to the UPN of that object, use the
following commands in the Shell on the coexistence server. The
ImmutableID and UserPrincipalName properties should
match each other.
- To view the ImmutableID and UserPrincipalName
properties for a mail user, do the following.
|
|
Copy Code |
Get-MailUser david | Format-Table Name, Alias, ImmutableID, UserPrincipalName
|
- To view the ImmutableID and UserPrincipalName
properties for a remote mailbox, do the following.
|
|
Copy Code |
Get-RemoteMailbox david | Format-Table Name, Alias, ImmutableID, UserPrincipalName
|
Having problems? Ask for help in the Coexistence and
Migration forum. To access the forum, you'll need to sign in using
an account that's granted administrator access to your cloud-based
service. Visit the forum at: Coexistence and Migration
