Why is ExchangeGuid blank for user that we use Enable-RemoteMailbox on?

Solution 1:

This situation occurs if the mailbox was created directly in Exchange Online since the Enable-RemoteMailbox command does not populate this attribute; also it is not included in the Azure AD Connect write back attributes. This process could definitely be improved by MS, but nonetheless it still hasnt.

I have located a script to copy back the exchangeguid from Exchange Online back to On Prem. It worked for me!

https://gallery.technet.microsoft.com/office/Sync-Exchange-Online-646b88ab#content

I had an issue with it storing the credentials in the XML so I just changed the 2 credential variables to = Get-Credential rather than it looking up the XML file.

The 2 lines I modified were:

FROM:

$ExchCred = Import-Clixml C:\scripts\creds\ExchScripts.xml 

TO:

$ExchCred = Get-Credential

and also

FROM:

$cred = Import-Clixml C:\scripts\creds\ExchScripts.xml

TO:

$cred = Get-Credential

Obviously this will prompt for credentials every time you run the script which is ok for single use. If you want it as a scheduled task you'd best get the credential export part working. Also, Make sure you DISABLE MFA on the account you're using to authenticate to Exchange Online. Once disabled, leave it sit for 15 mins to ensure full replication on MS servers. It took a while for mine to allow access even though it stopped prompting for MFA straight away.

Hope this helps someone. Took me ages to find a solution for this.

Solution 2:

The only real reliable way for guids to match in a hybrid environment is to create mailbox on prem, run aad connect then when sync completes move mailbox to O365. GUIDs will rarely match when using enable remote mailbox because guid doesn't exist as an AD attribute because it wasn't created by exchange.