Moving Exchange Mailbox from on-premises Exchange to Exchange Online seems an easy step if the hybrid wizard ware configured correctly. Users on-premises should only have an accepted domain in the SMTP addresses for a successful migration, otherwise, the operation will fail.

The Error while migration.

You may get the following error while mailbox migration:

Click here for a step-by-step tutorial on Moving a mailbox from On-premise to Exchange Online

You can’t use the domain because it’s not an accepted domain for your organization.
+ CategoryInfo : NotSpecified: (:) [New-MoveRequest], NotAcceptedDomainException
[FailureCategory=Cmdlet-NotAcceptedDomainException]

Or this error when using Exchange Online interface

Error: MigrationPermanentException: You can‎’t use the domain because it‎’s not an accepted domain for your organization. –> You can‎’t use the domain because it‎’s not an accepted domain for your organization.

The reason for this migration failure is the user/s on-premise are associated with an SMTP address for a non-verified domain in Office 365 Domains.

Listing Verified Domains in Office 365

We need to find the verified domains in Office Online Domain, which can be done by running the following command:

MSOnline Powershell module
 Get-MsolDomain
 or this command
 ExchangeOnlineManagement Module
 Get-AcceptedDomain | select domainname

Identifying Problematic Account

There is an Exchange Online accepted domain named GoodinCloud.com which is verified and can be used. Let’s look at the on-premise user accounts which failed in the migration process (Username: MyBulk1).

Get-mailbox Mybulk1 | select -ExpandProperty Emailaddresses

The user was assigned with an SMTP email from a verified domain MyBulk1@goodincloud.com and a non-verified domain MyBulk1@badincloud.com.

The badincloud.com domain not verified it cannot be used in MS online services and must be removed from the user before the migration process.

So after removing the non-verified domain from the user mailbox, it’s now possible to migrate the mailbox.

But nobody wants to remove these non-verified domains one by one, so I wrote a Powershell script to remove a certain domain un-verified domain from all user’s mailboxes on the on-premise accounts.
smtp:mybulk@badincloud.com

The Script – The Fix

The script requires Microsoft.Exchange.Management.PowerShell.SnapIn PowerShell snapin loaded before execution, also the script runs using PowerShell 5.1.

Now let’s take a look at the setting before running the script.

get-mailbox mybulk| select displayname,Emailaddresses 

Accepted Parameters

EmailDomainToRemove: the domain only for the SMTP address you want to remove, so if the user assigned an SMTP address User1@BadinCloud.com, so you need to set the parameter value to badincloud.com only.

SamAccountName: The targetted account to remove the unwanted email domain from EmailDomainToRemove.

The script creates a copy of the user’s current configuration before doing any change and dumps the result to a text file in the same directory the script exists.

The output is the new configuration which is the account with all the available email addresses except the EmailDomainToRemote

.\PrepareO365User.ps1 -SamAccountName User1 -EmailDomainToRemove badincloud.com

To confirm that the required domain is removed from the user profile, the script will return the updated user EmailAddresses attribute list

Pipeline

The script accepts bulk modification via Pipeline. It’s possible to run

get-mailbox -Database important | .\PrepareO365User.ps1 -EmailDomainToRemove BadinCloud.com

This method will make it easier to update and clean certain accounts in a database. Its totally ok to use the Get-Mailbox without the database, which will clean all mailbox in the organization.

Download

You can download the script from my Github repo from the following link

Conclusion.

This should fix the problem of failed mailbox migration and users can be migrated to cloud as unverified domains are removed. Please keep in mind to run or wait for Azure Active Directory sync process to finish so these configuration are replicated to the cloud.

Hope this helps.

What Else to read

• Move Exchange Mailbox to Exchange Online using Powershell.
• An advanced way to know why AD account is locked-out
• Xen Virtual Desktop Cannot connect to vCenter after a certificate update
• Powershell: Get all Share Folders and perform Permission test Read/Write/Delete on them to see what limited user can do.
• Powershell: VMWare vCenter Standard, Move all VM from a host and place it in maintenance mode