How to extend on-premise Active Directory schema with Exchange attribute for hybrid mailbox management

Video Tutorial

Extending the on-premises Active Directory schema with Exchange Attributes

NOTE: You do not need to perform a full installation and configuration of Exchange Server. To enable mailbox commands for Exchange Online in Hybrid environment, it is enough to perform instructions described below.

If you don't have Exchange On-Premises running in your environment, Active Directory may not include exchange attributes that are required to manage mailbox settings in the cloud for user or group accounts that are synced using Entra ID Connect. For example, changing the Hide From GAL setting for a mail-enabled user or distribution list would not be possible from the Exchange Online because the solution expects a synced user to be the authoritative source (AD in this case) of that type of change.

To perform these operations you need to extend your Active Directory schema with Exchange attributes.

1. Download the Exchange distributive (Exchange 2016 or 2019) and extract it to a local folder on a server in your domain. You can find the download links here: Exchange Server build numbers and release dates.

2. Follow the instructions provided in the Step 1: Extend the Active Directory schema article.

3. If you have Entra ID Connect running in your environment, update its configuration, as described in the next section below.

Refreshing Directory schema in Entra ID Connect

After you extend the Active Directory schema, you need to refresh the schema in your Entra ID Connect sync tool to add sync rules for Exchange to its configuration. Please follow the instructions here: Refresh directory schema.

IMPORTANT: This action regenerates the Sync Rules. If you have any customized synchronization rules in Entra ID Connect, you will need to recreate them after refreshing the schema.