Skip to main content

Adding an alias to a mailbox shows the error: Error executing request. An Azure Active Directory call was made to keep object in sync between Azure Active Directory and Exchange Online. However, it failed. Detailed error message: Unable to update the specified properties for on-premises mastered Directory Sync objects or objects currently undergoing migration. DualWrite (Graph) RequestId: 21a9bbca-d90a-4bff-b759-9a4c826c639c The issue may be transient and please retry a couple of minutes later. If issue persists, please see exception members for more information.

In this article, you will learn why this happens and the solution for an Azure Active Directory call was made to keep object in sync between Azure Active Directory and Exchange Online.

Introduction

Let’s look at when the error shows up: Error executing request. An Azure Active Directory call was made to keep object in sync between Azure Active Directory and Exchange Online. However, it failed.

  1. Sign in to Exchange admin center
  2. Expand Recipients and click on Mailboxes
  3. Select the Mailbox
  4. Click on Add email address type
  5. Fill in the Email address
  6. Click on Save

In our example, we did add the alias address: K.Grant@exoip.com.

An Azure Active Directory call was made to keep object in sync add alias

The email address type update failed, and the error shows:

Error
Error executing request. An Azure Active Directory call was made to keep object in sync between Azure Active Directory and Exchange Online. However, it failed. Detailed error message: Unable to update the specified properties for on-premises mastered Directory Sync objects or objects currently undergoing migration. DualWrite (Graph) RequestId: 21a9bbca-d90a-4bff-b759-9a4c826c639c The issue may be transient and please retry a couple of minutes later. If issue persists, please see exception members for more information.

An Azure Active Directory call was made to keep object in sync error

User is synchronized with your local Active Directory

Let’s have a look at the user in Microsoft 365 admin center, follow these steps:

  1. Sign in to Microsoft 365 admin center
  2. Expand Users and click on Active users
  3. Select the User
  4. Click on Manage username and email

You can’t add an alias address, and the Add button is greyed out. That’s because the user is synchronized with your local Active Directory, and you have to add the aliases on-premises and not in the cloud.

This user is synchronized with your local ‎Active Directory‎. Some details can be edited only through your local ‎Active Directory‎.

Solution for an Azure Active Directory call was made to keep object in sync

The solution is to add the alias address in Exchange Admin Center on-premises. After that, sync with Azure AD Connect, and it will show the alias address in the cloud. Suppose you don’t see the mailbox on-premises; there are couple more steps involved. Let’s look at that below.

Office 365 mailbox not showing on-premises

Run Exchange Management Shell as administrator and run the following three cmdlets.

Step 1. Run Enable-MailUser cmdlet to mail-enable the user that isn’t already mail-enabled.

[PS] C:\>Enable-MailUser -Identity "Kevin.Grant@exoip.com" -ExternalEmailAddress "Kevin.Grant@exoip365.mail.onmicrosoft.com"

Name            RecipientType
----            -------------
Kevin Grant     MailUser

Step 2. Run Enable-RemoteMailbox cmdlet to link the cloud mailbox in the cloud-based service for the existing user in the on-premises Active Directory.

[PS] C:\>Enable-RemoteMailbox "Kevin.Grant@exoip.com"

Name            RecipientTypeDetails     RemoteRecipientType
----            --------------------     -------------------
Kevin Grant     RemoteUserMailbox        ProvisionMailbox

Step 3. Force sync Azure AD Connect with PowerShell.

PS C:\> Start-ADSyncSyncCycle -PolicyType Delta

Add email address in Exchange admin center

Add the email address to the mailbox in Exchange on-premises:

  • Sign in to on-premises Exchange Admin Center
  • Double-click the mailbox to open properties
  • Click on email address
  • Add the email address
  • Uncheck the box Automatically update email addresses based on the email address policy applied to this recipient
  • Click on Save
An Azure Active Directory call was made to keep object in sync add alias on-premises

After adding the alias address,Force sync Azure AD Connect with PowerShell.

PS C:\> Start-ADSyncSyncCycle -PolicyType Delta

The alias address shows up in the Microsoft 365 admin center.

An Azure Active Directory call was made to keep object in sync alias added

Everything looks great!

Leave a Reply