Ask a new question

Cannot sync a user due to Duplicate ProxyAddress

Hi, im struggling with this one. Yesterday I sync'd several users to Office 365 via AADC. My aim was to use SMTP matching to tie them to their existing cloud accounts. For one user I forgot to set his email attribute before syncing so rather than matching it created a new account in 365. I stopped the account from syncing, corrected the email attribute and forced a sync but now I get the following erro:

Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:*** Email address is removed for privacy ***

I have run idfix to confirm that no other object has that SMTP address. I've deleted and re created the account and run a metaverse search to see if the email address is assigned to something else in Office 365 but it isnt. If i remove the email address attribute from the user it sync's with no errors. It seems AADC is convinced there is a duplicate SMTP address in my on-premise AD which I cant find any sign of! any ideas?

Many thanks, James

Hi James,

To check the issue, we need to locate the object in on-premise AD or locate the object in Windows Azure AD to check if there is a duplicate object.
1. Locate the object in the on-premises Active Directory.
For example, if the address is *** Email address is removed for privacy ***, the LDAP query will resemble the following:
(|(proxyAddresses=SMTP: *** Email address is removed for privacy ***)(mail= *** Email address is removed for privacy ***))
This LDAP query looks for all objects in Active Directory that have a mail attribute value that contains *** Email address is removed for privacy ***.
For more info about how to use such a tool, go to the following Microsoft TechNet website:
LDAP Query Basics

2. Locate the object in cloud.
1). Connect to Exchange Online using remote PowerShell
https://technet.microsoft.com/en-us/library/jj984289(v=exchg.160).aspx 

2). Run the following cmdlet:

Get-Recipient | where {$_.EmailAddresses -match " *** Email address is removed for privacy ***"} | fL
Name, RecipientType,emailaddresses

If the issue persists, we will further check if Office 365 immutable ID matches the on premise ObjectGUID.

Regards,
Johnny Zhang

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Thanks for the reply but I had already tried both of those things but could find no duplicate value.

For anyone else with the same issue it was because the account had been deleted from AD but a sync had not taken place. In the end I had to restore the deleted version of the account using AD recycle bin (renamed the new account first), force a sync, delete the account again, force a sync and then I could rename the new account back to the correct name and use the SMTP attribute

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated March 29, 2024 Views 1,869 Applies to: