
On prem AD and Azure conflict - permanently deleted user merged with new user



#1 jfindley


Posted 08 December 2023 - 01:05 PM

Hello all.  I have a weird issue with AD Sync and Azure/Entra. Back in 2015 a user was created in the on prem AD and at some point, was sync'd with Azure. That user profile has since been permanently deleted (for years now). A new user with the exact same name has recently been added to AD and sync'd with Entra. The problem is that Entra and the MS365 mailbox seem to have retained some of the previous user's information. Specifically, Entra shows a created date from 2015 and Exchange shows the previous user's email address as hidden from the GAL (the latter issue being the primary concern). I have verified the new user account has the AD attributes of "false" for msExchHideFromAddressLists and that it has a Nickname. All the proxy addresses are as they should be for the new user. When in the MS365 admin portal for the new user>mail and refreshing the user information I can see that the Show in Global Address List property briefly changes to Yes (while it is refreshing) but then reverts to No. For the life of me I cannot figure out how to fix this. Any suggestions?  Thanks.


Edited by jfindley, 08 December 2023 - 01:05 PM.




#2 cryptodan


Posted 08 December 2023 - 02:09 PM

I would take this up with Microsoft because there is likely no one here that could fix this issue.  I would assume that you have support from Microsoft?


US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra


#3 jfindley


Posted 08 December 2023 - 02:22 PM

I do have Microsoft support...though admittedly, I usually make that a last resort.



#4 cryptodan


Posted 08 December 2023 - 02:28 PM

They should always be the first line of support for any corporate-related issues such as this.




#5 sflatechguy


Posted 16 December 2023 - 02:02 PM

You say the user has the same name -- I'm assuming you mean the same login name? Microsoft does warn against that, as AD/Entra is known to do strange things when that is done. To cryptodan's point, this is better handled by Microsoft. These kinds of off sync issues aren't really amenable to easy fixes.



#6 jfindley


Posted 18 December 2023 - 09:41 AM

@sflatechguy, By same name, I mean same literal name and same login. However, I did find a fix for the issue, with help from another, by adding a custom attribute to AD and having Azure AD Connect Synchronization Service recognize it during sync; the article is below. Basically, adding a custom attribute to AD Attributes (MSDSCloudExtensionAttribute1 {HideFromGAL}) and leaving it blank does the job (though more involved). Apparently, the MSExchHideFromAddressLists not working with MS 365 is pretty common.

 

Reference:

How to hide users from the GAL in Office 365 synchronized from on-premises - Jack Stromberg

 

Thanks to everyone for your input.





