In some scenarios, you may have to transfer the source of authority for a user account when that account is originally authored by using Office 365 management tools. These tools include the Office 365 portal, Microsoft Online Services Module for Windows PowerShell, and so on. You can transfer the source of authority so that the account can be managed through an on-premises Active Directory Domain Services (AD DS) user account by using directory synchronization.
This article discusses how this transfer of the source of authority is affected by "SMTP matching," a process that uses the primary Simple Mail Transfer Protocol (SMTP) address to match the on-premises user account with the Office 365 user account.
SMTP matching limitations
The SMTP matching process has the following technical limitations:
How to use SMTP matching to match an on-premises user to a cloud identity
To use SMTP matching to match an on-premises user to an Office 365 user account for directory synchronization, follow these steps:
1. Obtain the target Office 365 account primary SMTP address. To do this, follow these steps:
2. Start Active Directory Users and Computers, and then create a user account in the on-premises domain that matches the target Office 365 user account. For more information about how to do this, visit the following Microsoft TechNet website:
Create a User Account in Active Directory Users and Computers (http://technet.microsoft.com/en-us/library/dd894463(WS.10).aspx)
3. Use Active Directory Service Interfaces (ADSI) Edit to edit the proxyAddresses attribute of the user object so that it matches the primary SMTP address that you noted in step 1D. To do this, follow these steps:
. Click Start, click Run, type ADSIEdit.msc, and then click OK.
5. Click OK two times, and then exit ADSI Edit.Notes
Windows Server 2003 Service Pack 2 32-bit Support Tools (http://go.microsoft.com/fwlink/?LinkId=100114)
Using ADSI Edit to edit Active Directory attributes (http://technet.microsoft.com/en-us/library/bb124152(EXCHG.65).aspx)
4. Force directory synchronization. For more information about how to do this, visit the following Microsoft website:
Force directory synchronization (http://onlinehelp.microsoft.com/en-us/office365-enterprises/ff652557.aspx#BKMK_SynchronizeDirectories)
For more information about how to transfer the source of authority between on-premises directory synchronization and cloud-based management tools such as the Office 365 portal and Microsoft Online Services Module for Windows PowerShell, visit the following Microsoft website:
Directory synchronization and source of authority
How to use SMTP matching to match on-premises user accounts to Office 365 user accounts for Directory Synchronization
Office 365 Deployment
For some reason your 2012 dated article focuses on Server 2003 without saying so in the title or main topic. Unless this simply doesn't exist in Server 2003 as a user property tab, why are you directing people to use ADSI Edit? That's a danger zone...
and for staff who are given the ability to administer users only, they probably have no business being in ADSI Edit, in fact a lot of people shouldn't be in there. So unless Server 2003 is completely missing this as an option, in 2008 R2, 2012, 2012 R2: right
click user in ADUC, Properties, Attributes Editor tab, scroll down to proxyAddresses and edit there.