So a client I am working with was in the process of migrating to Office 365 Exchange Online. They have approximately 350 "mailboxes", and the reason I put mailboxes in quotes is that actually about 150 of those mailboxes are not actual mailboxes, but email addresses for their primary email domain that get redirected to another actual mailbox. What this company does is some outsourcing of resources (people) to other companies. These other companies provide a mailbox for the resources so they can be integrated into the contracting company’s messaging environment. And to avoid the resources from checking two different mailboxes, my client simply setup an email alias for the users and then setup forwarding of that address to the outsourced company mailbox. Simple enough and I’m sure a situation that many other companies have implemented. This situation saves money, licenses and storage costs.
So back to the issue, my client sees the benefit of cloud computing and has an overall goal of removing all servers from their infrastructure. Enter Office 365 and Exchange online for phase one. While Exchange online offers many different licensing levels, including the K plans for Kiosk workers as a lesser month fee, this did not solve the outsourced resource problem, as they would still have to pay for a mailbox that would not be utilized. Being an expert of Exchange on-premises, I knew how I would fix this situation, mailUser. If you are not familiar with this it differs from a mailbox user for an on-premises Exchange implementation in that the mailUser is more of a super contact entry. A way for an Active Directory account to have an email address associated with the company’s primary email domain but any email sent to said email address is it actually redirect to another external email address. This is what my client was looking for. This was easy to do with a standard K or E plan user within Exchange Online, but it required a monthly fee for the Exchange online mailbox. This was counterproductive to the TCO for a move to the cloud.
So I got my thinking cap on, I knew that just like Exchange 2007/2010 on-premises not all things can be done via the GUI interface. I would estimate that an Exchange administrator for 2007/2010 can do 80-85% of the management via the Exchange Management Console, the GUI interface. The other 15-20% requires PowerShell, specifically the Exchange Management Shell. Knowing how to create a MailUser for an existing Active Directory account on premises I decided to work toward seeing if it was possible to do the same with remote PowerShell in Office 365 Exchange Online.
Well I succeeded. It took some trial and error and found that to manually create a user object with an accepted email address in the primary company domain and have email messages redirected to another external mailbox was rather easy. Here is the command I used (for this example, company.com is the primary email domain for my company as well as the primary UPN (user Principle Name). UPN is used to identify the user if my company needs to grant a license for SharePoint or Lync Online.
First if you are not familiar with connecting to Office 365 Remote PowerShell here is the commands:
Launch PowerShell on your local machine with Admin credentials, commands below are in quotes, remove quotes and add to the PowerShell session:
"$cred = Get-Credential"
"$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection"
You will not be connected to the Office 365 environment. With the first command, you will get a pop-up asking for username and password; give the credentials in firstname.lastname@example.org for your Office 365 tenant that has Admin credentials.
When you are done with remote PowerShell to Office 365 run the below command to disconnect:
So after connecting to Remote PowerShell for Office 365 here are the commands to create a user with a delegated email mailbox:
New-MailUser -Name "Test User" -MicrosoftOnlineServicesID TestUser@comany.com –externalEmailAddress testuser@AnotherCompany.com -Password (ConvertTo-SecureString -String ‘Pa$$word1’ -AsPlainText -Force)
So let’s break this command down:
New-MailUser -Name "Test User" – ‘Test User’ would be the display name for the user in the GAL for all other users in Exchange Online
-MicrosoftOnlineServicesID TestUser@comany.com – ‘testUser@comany.com’ would be the login for the username the user uses to login and for access to other Office 365 resource such as SharePoint and Lync Online, this would require a license purchased for these services
-Password (ConvertTo-SecureString -String ‘Pa$$word1’ -AsPlainText -Force) – This line sets the initial password for the User account.
After completing the above you will find that the User is created in the Portal under Users. You can then add additional contact information that will show up in the GAL, such as address, phone and personal information.
And the biggest benefit of this is that my client company did not need to pay a monthly fee for a mailbox online that would not be utilized.