Exchange Hybrid Public Folders
Memo for dealing with Public Folders when using an Exchange Hybrid setup or migrating Public Folders to Exchange Online through hybrid
Public Folders on on-premise Exchange, hybrid access for Exchange Online users
Prerequisites:
- Azure AD Connect is set up and Exchange Hybrid Deployment is enabled
- The Exchange Hybrid Wizard has been run and hybrid is set up
- Exchange autodiscover fully works
Sync AD objects of Public Folder mailboxes
From Exchange 2013 onward, Public Folders are stored in dedicated public folder type mailboxes. Find the AD objects of those mailboxes and sync them with Azure AD Connect: either include the OU they are in, or move the objects into an OU which is synced. PowerShell to find Public Folder mailboxes:
Get-Mailbox -PublicFolder | FL Name,Alias,Id
If you have Exchange 2010 and legacy public folder databases, it is better to read the MS article on the setup: [[https://docs.microsoft.com/en-us/exchange/collaboration/public-folders/configure-legacy-public-folders-for-hybrid|Configure legacy on-premises public folders for a hybrid deployment (Microsoft Docs)]]
Sync mail-enabled Public Folders to Exchange Online
Neither AD Connect nor Exchange Hybrid actually synchronizes mail-enabled Public Folders to Exchange Online, and if an EXO user tries to send email to a Public Folder it will fail. Public Folders need to be synced with specific PowerShell scripts from Microsoft, [[https://www.microsoft.com/en-us/download/details.aspx|Link]]. These scripts will create mail contacts for each mail-enabled public folder.
Extract Sync-ModernMailPublicFolders.ps1 and Sync-ModernMailPublicFolders.psd1 to some folder on the Exchange server. Then run Sync-ModernMailPublicFolders in Exchange PowerShell. You will also need Global Admin credentials. The script does not support MFA; I am not sure if it can be modified. Run it first with the -WhatIf option to catch any errors.
.\Sync-ModernMailPublicFolders.ps1 -Credential (Get-Credential) -CsvSummaryFile:sync_summary.csv -WhatIf
Then, if there are not many red errors, remove -WhatIf and run it for real. I've seen errors about Offline Address Book folders being corrupted; these are usually some remains from an older Exchange server and I've ignored them.
Activate remote Public Folders in Exchange Online
Set-OrganizationConfig -PublicFoldersEnabled Remote -RemotePublicFolderMailboxes PFMailbox1
Permissions
When using Public Folders in hybrid, Outlook should be able to find the Public Folders and connect directly to the server where they exist. OWA cannot open Public Folders over the hybrid connection; for OWA to work, the user and the Public Folders need to be on the same side, either on-premises or cloud. Full Access permissions work over hybrid, but “Send As” and “Send On Behalf To” permissions do not.
There is an unofficial way to get “Send As” and “Send on Behalf” permissions to work over hybrid: add the permissions on both sides. If the Public Folders are on-premises and the user is in the cloud, first add the permissions through Exchange Online PowerShell. This cannot be done from the GUI.
Add-RecipientPermission -Identity "[PF Mailbox Address]" -Trustee "[User UPN]" -AccessRights 'SendAs'
Set-MailPublicFolder "[PF Mailbox Address]" -GrantSendOnBehalfTo "UPN"
Note that Exchange Online only knows the Public Folder's mail address, so add the permission by giving its mail address as the identity. If the address is not found, you need to run the sync script mentioned earlier.
Then add the permissions from Exchange on-premises PowerShell:
Add-ADPermission -Identity "PFName" -User domain\samaccountname -ExtendedRights "Send As"
Set-MailPublicFolder "\PFName" -GrantSendOnBehalfTo @{add="domain\samaccountname"}
If you try to add users to a Public Folder from the GUI, you cannot add ones that are remote mailboxes, so it needs to be done from PowerShell. Note that Set-MailPublicFolder overwrites the previous value, so you need to use the @{add= feature.
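Because these grants are made by hand on both sides and never show up in the GUI, it helps to list them periodically. The following is an added example, not part of the original memo or Microsoft's scripts: it reports explicit “Send As” and “Send on Behalf” grants on every mail-enabled Public Folder from the on-premises Exchange Management Shell; the CSV file name is a constructed placeholder.

```powershell
# Added example: run in the on-premises Exchange Management Shell.
# Reports who may send as, or on behalf of, each mail-enabled public folder.
$report = foreach ($pf in Get-MailPublicFolder -ResultSize Unlimited) {

    # "Send As" is an AD extended right on the folder's directory object.
    # Keep only explicit allow entries; inherited and SELF entries are noise.
    $sendAs = Get-ADPermission -Identity $pf.DistinguishedName |
        Where-Object {
            ($_.ExtendedRights -like '*Send-As*') -and
            (-not $_.IsInherited) -and
            (-not $_.Deny) -and
            ($_.User -notlike 'NT AUTHORITY\SELF')
        }

    foreach ($ace in $sendAs) {
        [pscustomobject]@{
            PublicFolder = $pf.Name
            PrimarySmtp  = $pf.PrimarySmtpAddress
            Right        = 'SendAs'
            Trustee      = $ace.User.ToString()
        }
    }

    # "Send on Behalf" delegates are stored on the mail public folder itself.
    foreach ($delegate in $pf.GrantSendOnBehalfTo) {
        [pscustomobject]@{
            PublicFolder = $pf.Name
            PrimarySmtp  = $pf.PrimarySmtpAddress
            Right        = 'SendOnBehalf'
            Trustee      = $delegate.ToString()
        }
    }
}

# Show the result and keep a copy for comparison with the next review.
$report | Sort-Object PublicFolder, Right, Trustee | Format-Table -AutoSize
$report | Export-Csv -Path .\pf_send_rights_onprem.csv -NoTypeInformation  # constructed file name
```

For the cloud side, Get-RecipientPermission in Exchange Online PowerShell, given the folder's mail address as identity, returns the Send As entries to compare against this report.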
Removing Public Folder aliases from hybrid
After Public Folder migration, if you want to move a public folder email address to a shared mailbox, the alias on-premises is still reserved for the mail-enabled public folder even if it is disabled. So use PowerShell to remove the public folder mail properties:
Disable-MailPublicFolder -Identity "MyPublicFolder"
You cannot refer to the folder path since the public folders don't exist anymore, but use Get-MailPublicFolder or Get-Recipient to figure out the name of the public folder object holding the alias. Then change the address to the shared mailbox and run adsync to update the changes immediately. Also remove the mail features from the public folder in Exchange Online, using the same command.