Now to finally make the changes!
Add additional SMTP address
Firstly a command to add the new email address to all the users in the imported .CSV. After running the command it’s a good idea to check the properties of the first and last users on the list via the EMC to verify the new SMTP address has been added ok – look under the Mail Contact’s properties, E-Mail Addresses tab, under SMTP. The new address will be there and the current primary SMTP will be in bold).
$users | ForEach-Object { Set-RemoteMailbox $_.SamAccountName -EmailAddresses @{Add=$_.NewEmail} }
Set Primary SMTP address and disable email address policy
The next command sets the new address as the primary SMTP and disables the email address policy so it doesn’t change back.
$users | ForEach-Object { Set-RemoteMailbox $_.SamAccountName -PrimarySMTPAddress $_.NewEmail -EmailAddressPolicyEnabled $false }
Again, check a couple of users via EMC to ensure the new SMTP is now the primary (it’ll be in bold type).
Set AD UPN
The next command changes the users UPN in AD – you can check this change on the users account tab in the EMC.
$users | ForEach-Object { set-RemoteMailbox $_.SamAccountName -userprincipalname $_.NewEmail }
Change O365 account to match
The following 2 commands are a two step approach to changing the user’s O365 UPN address from the old domain to the .onmicrosoft domain and then from the .onmicrosoft domain to the new domain. This way always works. For reasons I’ve not figured out yet, using a one step approach, going from @olddomain.com to @newdomain.com, sometimes fails.
MSOL UPN update 1 (returns a checksum to screen for each user – don’t panic)
$users | ForEach-Object { Set-MsolUserPrincipalName -TenantId $tenid -UserPrincipalName $_.PrimarySmtpAddress -NewUserPrincipalName ($_.SamAccountName+’@bobbitco.onmicrosoft.com’) }
MSOL UPN update 2
$users | ForEach-Object { Set-MsolUserPrincipalName -TenantId $tenid –UserPrincipalName ($_.SamAccountName+’@bobbitco.onmicrosoft.com’) -NewUserPrincipalName $_.NewEmail }
Output MSOL UPNs
The following command returns the upn from O365 for each user, this can be used to send back to the project lead or customer as the results of the new users’ UPN (and hence their new primary SMTP address).
$users | ForEach-Object {get-msoluser -TenantId $tenid -UserPrincipalName $_.NewEmail | select userprincipalname} | out-file c:\tmp\OutputMSOLs.txt
Synchronise to O365
Check Last Synctime
The following outputs a file that lists the last synctime between the AD and O365. The default dirsync cycle runs about every 3 hours or so. Run the command to see when the users last did a sync. If you don’t want to wait you can force a dirsync using the guide below. Re-run the command below and you’ll see when the output from the command shows all the users have successfully sync’d to O365 and your job is done! (Note, users will only show an updated sync time if changes have been made to their account).
$users | ForEach-Object {Get-MSOLuser -TenantId $tenid -UserPrincipalName $_.newemail | select UserPrincipalName, LastDirsyncTime} | out-file c:\tmp\synctime.txt
Force AD DirSync to O365
If you don’t want to wait for the next sync from AD to O365 you can force a sync. If you don’t know how then have a look here.
http://www.msexchange.org/blogs/walther/news/dirsync-change-forcingmanual-syncs.html
And that’s it!
Make sure you test mail flow by emailing your test user(s) at their new address and getting a reply to check the reply from address is good too.
On the next page I’ll just list all the Powershell commands in one convenient place!
Nice work Bobb. Two lines of your code seem to be identical though.
“Add additional SMTP address” and “Set Primary SMTP address and disable email address policy”.
Good spot Dazza!
I’ve fixed “Add additional SMTP address” with the correct command. Thanks for the help.