Create Custom sync rules in both AADConnect Servers
Click on Synchronization Rules Editor of the 21V Syncing AADConnect Server
Select In from AD - User Exchange and Edit
Click on Yes to create copy of the rule, Keep in Mind once you have copied the existing rule, the old rule will disabled. Hence you need to enable it back post completed the new rule creation.
Enter the Name for the rule and Change the Precedence to 10 or 20. Less value is high priority to carry out the rule
For China Tenant AADConnect Changes, Select Scoping Attribute : Userpriniciplename CONTAINS cn.southtunes.in , Click on Next
Click on Next
Set target attributes in Transformations, Do Not change any values for default attributes. Set FlowType to Expression Set msExchRecipientDisplayType equal to 6 Set msExchRecipientTypeDetails equal to 128 Set msExchRemoteRecipientType equal to AuthoritativeNull
Save and make sure the original rule enabled
Before this Rule created, replicate the same for Global Office 365 AADConnect as well, in Gloabl AADConnect Select Userpriniciplename CONTAINS southtunes.in .
Once rules are created, Run the full Sync in both AADConnect Servers using the command,
Start-ADSyncSyncCycle -PolicyType initial
Before Rule Creation:
21V User shown as follows on the Global Tenant
After Rule Creation:
After the rule created and completed, details shown as follows which contains the 21V Mail Proxy Address details.
Configuration of Free / Busy Sharing using Availability Services
As I mentioned we will not be able to use Microsoft Federation Gateway(MFG) since both are being operated Separately.
To Achieve free / busy sharing, we are going to use Availability Services. Before we start the configuration, We need create Free/Busy service account in O365 respectively. No license is needed, We do not reuse this accounts other purposes. • Global Tenant UPN is FB@xxx.onmicrosoft.com • 21v Tenant UPN is FB@xxx.partner.onmschina.cn
Determine Office 365 Auto Discovery Connection URI for both tenants. • For Global tenants use: $AutoD = 'https://autodiscover- s.outlook.com/autodiscover/autodiscover.xml' • For China tenants use: $AutoD = 'https://autodiscover- s.partner.outlook.cn/autodiscover/autodiscover.xml'
21V Exchange Online Side Changes:
Enable Organizational Customization. This only needs to be done once per tenant. It will simply fail if tried subsequently.
Open PowerShell --> Login to Exchange Online of 21V Operated Office365
For Exchange Online module install and Login, Please refer the article
Enable-OrganizationCustomization
Note: It failed for as it needs to be done once which I have already done
Run the below Command,
New-AvailabilityConfig -OrgWideAccount fb@xxx.partner.onmschina.cn
Run the following commands one by one
$FBUserUPN = FB@xxx.onmicrosoft.com
$RemoteFBForest = "xxx.mail.onmicrosoft.com"$AutoD = 'https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml'
$AutoD = 'https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml'
$FBCred = Get-Credential <NOTE: Enter Global fb Service Account>
Add-AvailabilityAddressSpace -ForestName $RemoteFBForest -AccessMethod OrgWideFB -TargetAutodiscoverEpr $AutoD -Credentials $FBCred
Global Office365 Exchange Online Side Changes
Run the below commands one by one as we have done on 21V Office365
Enable-OrganizationCustomization
New-AvailabilityConfig -OrgWideAccount fb@xxx.partner.onmschina.cn
$FBUserUPN = “FB@xxx.onmicrosoft.com”
$RemoteFBForest = "xxx.mail.onmicrosoft.com"
$AutoD = 'https://autodiscover-s.outlook.com/autodiscover/autodiscover.xml'
$FBCred = Get-Credential <NOTE: Enter Global fb Service Account>
Add-AvailabilityAddressSpace -ForestName $RemoteFBForest -AccessMethod OrgWideFB -TargetAutodiscoverEpr $AutoD -Credentials $FBCred
Run the command in both the tenants and validate wehther the AvailbilityAddressSpace(AAS) has been created. You need to wait for 30- 60 Minutes to make it work.
Get-AvailabilityAddressSpace |fl
Login to the Mailbox of the 21V Exchange online mailbox and validate that Free / Busy has shown properly of Global Office365 Exhange Online User's Information.
You can see Global User Mailbox(User.Global@southtunes.in) is shown in the 21V Exchange Online User's Mailbox (User.China2@cn.southtunes.in). surprisingly you wouldn't be able to see Onpremises User's information(User.Onpremises@southtunes.in) right now as we have created AAS only between the Global tenant and 21V Tenant. We will see how to make it work later of this series.
You can see the Free/Busy shown well and able to book the meetings without any issues.