Office 365/ADFS Configuring aliases under different domains

active-directory, adfs, microsoft-office-365

We have Office 365 with ADFS for our domain (let's say domain.org) currently. We're considering converting about 150 users to it, all of whom currently have email via an Exchange server on a different email domain (otherdomain.com). We want these users set up so that they'll have a domain.org email address, but if someone emails the old otherdomain.com address it will reroute to them. I know how to set up the aliases and have read that we would need otherdomain.com as an available UPN suffix.

Here's where things get tricky. Otherdomain wants to continue to have their own Active Directory and authenticate email via a Proxy. Are there any configuration steps we will need to know about or limitations of doing something like this? They will eventually be on the same Windows domain, but it is going to be a LONG time. They want to get email up and going as soon as they can on Office 365 to utilize the eDiscovery features and larger mailbox storage size. Has anyone ever had a similar experience?

Best Answer

This is supported - you basically want to sync and federate two domains to a single O365 tenant. You need to validate both domains in O365 and configure both for SSO through the required ADFS servers.

For sync - you can refer to the Azure AD Connect documentation, which covers this scenario: https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect-topologies/#multiple-forests-single-azure-ad-directory

At this point your users can log on via their creds from both domains. When you migrate users, one difference you will see is that there is a unified GAL (regardless of your UPN - you can see all users from both domains).

If you want to update their email address at this point you can add an SMTP alias to the user - so they retain their username/login but can receive mail from both addresses.

If you want to change the logon - you need to change the user's UPN in the domain, which means you need to add the other domain's UPN suffix. If you sync a user first - then you need to manually update it in both the domain and on O365 (it won't sync a UPN suffix change).

In order for users to receive mail - you also need to change the MX records. If you are running local Exchange you probably want to configure a Hybrid environment and route all mail through O365 first. TechNet has an article on this configuration as well: https://technet.microsoft.com/en-us/library/jj873754%28v=exchg.150%29.aspx
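The "add the UPN suffix, add an SMTP alias, change the UPN on both sides" steps from the answer, as an added PowerShell example that is not part of the original post. It assumes the ActiveDirectory and MSOnline modules, a user jdoe whose account lives in the otherdomain.com forest, and that domain.org is already verified and federated in the tenant; every name below is a placeholder.

```powershell
# Added example; not code from the answer. Assumes the ActiveDirectory and
# MSOnline modules, a placeholder user 'jdoe' in the otherdomain.com forest,
# and domain.org already verified in the Office 365 tenant.
Import-Module ActiveDirectory

$User      = 'jdoe'
$NewSuffix = 'domain.org'
$OldUpn    = "$User@otherdomain.com"
$NewUpn    = "$User@$NewSuffix"
$AliasSmtp = "smtp:$User@$NewSuffix"   # lowercase 'smtp:' = secondary address

# 1. Make domain.org an available UPN suffix in the forest (idempotent).
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{ add = $NewSuffix }
}

# 2. Add the extra SMTP address so mail to either address lands in the mailbox.
#    Check uniqueness first: a proxyAddress present on two objects makes the
#    directory sync reject one of them.
$clash = Get-ADUser -Filter "proxyAddresses -eq '$AliasSmtp'" -Properties proxyAddresses
if ($clash -and $clash.SamAccountName -ne $User) {
    throw "$AliasSmtp is already assigned to $($clash.SamAccountName)"
}
Set-ADUser -Identity $User -Add @{ proxyAddresses = $AliasSmtp }

# 3. Change the logon: set the UPN on-premises ...
Set-ADUser -Identity $User -UserPrincipalName $NewUpn

# ... and, because a UPN suffix change is not synced, rename it in the tenant
#    too. Connect-MsolService prompts for a tenant administrator's credentials.
Connect-MsolService
Set-MsolUserPrincipalName -UserPrincipalName $OldUpn -NewUserPrincipalName $NewUpn

# 4. Verify both directories agree before the user is told to sign in with
#    the new UPN; a mismatch here is what produces "user not found" at ADFS.
$onPrem = (Get-ADUser -Identity $User).UserPrincipalName
$cloud  = (Get-MsolUser -UserPrincipalName $NewUpn).UserPrincipalName
if ($onPrem -ne $cloud) { throw "UPN mismatch: AD=$onPrem, O365=$cloud" }
```

Which address becomes the primary (uppercase `SMTP:`) is a separate choice; the block only adds the second address so both resolve.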