Wednesday, January 4, 2017

Office 365 Groups with On-Premises Exchange hybrid

Office 365 Groups means sharing information and collaboration across groups and projects teams, even we are using different tools such as distribution groups, buddy list in Lync, groups in Yammer.

Office 365 Groups look like traditional Exchange distribution groups in that we can send a message to a group and have it delivered to all the group members. But the problem with distribution groups is that if you’re not a member of that group, you will not get the message and when you join the distribution group, you don’t have access to previous discussions/message.

Office 365 group is a more email distribution group because when we use a Group, it will store the message/information for any new members, and he can discover all message/information. It is between a distribution group and a public folder. If you want to more accurate comparison is to a combination of the distribution group and a site mailbox or share mailbox because when we look Share Point mixed to deliver the information.

Office 365 Groups is feature that enable to communicate, schedule meetings and collaborate on documents more easily. All information share/sent email with in a Group, file will stored in the groups OneDrive for business or SharePoint libraries.

If you have the Hybrid deployment between your on-premises Exchange organization and Office 365, you can also create the Groups in Office 365and it will available to On-premises users. It is very new feature in Office 365, here are the process how we can enable Office 365 Groups to On-premises users.

Before we start for enabling the Office 365 Groups to on-premises, we have check the prerequisites, following are the list:
  • Premium licenses for Azure Active Directory on your tenant which will help to enable the groups write back feature in Azure Active Directory Connect (AAD).
  • Well functioned hybrid deployment between Exchange on-premises and Office 365.
  • Least CU1 or new releases for Exchange 2016, and CU11 or newer releases of Exchange 2013.
  • Configured Azure Active Directory Connect for single sign-on, which will allow users to click on view group files link in group email messages.

Enable Group write back in AAD Connect

We have to enable the group write back in Azure Active Directory Connect, following are the steps:

  • Open Azure AD connect wizard-Select Customize synchronization option->Next.

  • On the Connect your Directory page, give the Office 365 global administrator credentials--> Next.
  • On the Optional features page, we have to verify that the options we have configured are still selected. The most commonly-selected option are Exchange hybrid and Password hash synchronization.
  • Select Group write back-->Next.
  • On the Write Back page, select a location in AD to store objects that are synchronized from Office 365 to your on-premises organization and click next.
  • Now Ready to configure page-->Install.
  • When wizard is complete, click Exit on the Configuration complete page.

Configure a group domain

The default accepted domain in the organization is chosen as the domain for the primary SMTP address of Office 365 group when it created, this is called a group domain, here we have to setup a new sub-domain that will be used as the group domain, following are the steps:
  • Add the group domain as an accepted domain in the on-premises Exchange org with below PowerShell command
New-AcceptedDomain -Name -DomainName -DomainType InternalRelay
  • Add the new group domain to Office 365 Org.
  • Create the two DNS record with DNS provider
DNS Record Name-
DNS record type- MX
DNS record

DNS Record Name-
DNS record type-CNAME
DNS record value-
  • Add the group domain to the hybrid send connector, which is created by the Hybrid Configuration wizards 
Set-SendConnector -Identity "Outbound to Office 365" -AddressSpaces "",""

Create the Office 365 Groups

We have multiple option to create the Office 365 Groups, here we will create the Groups via Outlook /OWA, steps are :

1. From your outlook from left hand side on bottom select Group right click and
    select New Group

  From OWA click on New and Select Group

2. Give the name of the Group and select the privacy 
                   From Outlook:
                 From OWA
3. Now time to add the user in Group

4. Now we can check from Office 365 admin portal newly created Office 365  
    Groups, Select Group->Select Office 365 Groups from view (otherwise    
    you will see all the groups) then you can see all the Office 365 Groups in list.

5. Now you can view the created Groups details from outlook & OWA.

6. Once you add the user in Office 365 Groups user will get the automatic 
    Welcome email.

Test using an on-premises mailbox
  • Add an on-premises & Office 365 mailbox to an Office 365 group.
  • Log into the Office 365 mailbox using Outlook on the web.
  • Send a message to the group using the Office 365 mailbox & on-premises mailboxes.
  • Open the on-premises/Office 365 mailbox and verify the message received.
  • In the same mailbox, compose a reply to the message and send it to the group.
  • Verify that the message can be viewed by all of the members of the group.

Test using a mailbox moved to Office 365
  • Move a mailbox from your on-premises Exchange organization to Office 365.
  • Add the mailbox to an Office 365 group.
  • In a new browser session, log into the mailbox that was moved to Office 365.
  • In Outlook on the web, verify that the group is listed in the left navigation bar.
  • Post a message to the group.
  • Verify that the message can be viewed by all of the members of the group.

Known Issues 

Group don’t appear for mailboxes moved to Office365
        Remove the mailbox from any groups and re-add it to each group.

New groups don't appear in the on-premises Exchange GAL
        Update-Recipient “GroupName”

Groups don't receive messages from on-premises user
        Wait for next AAD Connect synchronization.

On-premises users can't use links included in group message footers
       Users should contact an group administrator.

Mail sent to a group's secondary SMTP address fails to be delivered
      Configure only one SMTP address on each group.

Find Ownerless Office 365 Groups

As we know every Group have the owner which is managing as per business required, but some time we find some of the group does not have the owner it is not good if a group doesn’t have any owners. Group members will still able to access all the group resources/messages but problem is that when some group administration in needed for any modification then we have to find someone who can work. We can find out ownerless Office 365 Groups with help of Exchange Godfather "Tony Redmond's" articles, where we can find the script to pull out the ownerless Office 365 Groups.

Using PowerShell to Locate Ownerless Office 365 Groups


Happy Learning!


1 comment: