Exchange Hybrid Keys

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

When identities (users) have been synchronized from on-premise to Azure AD using Azure AD Connect, an on-premise Exchange Server is required for managing these users. Why? Microsoft only officially supports modifications that are done through the Exchange Admin Center or through the Exchange PowerShell module. Manipulation through attributes in Active Directory (such as the proxyaddresses attribute) does technically work (at least most of the time) but is not officially supported.

Microsoft provides a free Hybrid Key so that a single server can remain on-premise without cost, for management purposes only. In order to qualify for this license there must not be any mailboxes on the Exchange Server. Previously Microsoft had a website that customers could access and claim a Hybrid Key for Management. From 2018 Hybrid Keys are automatically installed by running the Microsoft Office 365 Hybrid Configuration Wizard (HCW).

However the HCW only provides Hybrid Keys for Exchange Server 2010, 2013 and 2016. For Exchange Server 2019 a full license is required. I have not found any documented reasons for this, but my best guess would be that Microsoft targets Exchange Sever 2019 for customers that dont want/cannot migrate to Exchange Online.

The Exchange Server Licensing FAQ does not currently elaborate as to why Hybrid Keys are not provided for Exchange Server 2019. Also have a look that the following blog post for the Exchange Team.

Want To See More?


Windows Autopilot Diagnostics

Microsoft has announced a new Autopilot Diagnostics screen that makes it much easier to troubleshoot and retrieve logs during deployment. The scenario only work with


Installing pfSense on Hyper-V

Having a lab environment on your laptop/desktop machine can be practical to test new functionality and learn new products and services. However it can be