KB ID 0001468 Problem Why do we have the Exchange LegacyDN? It’s a throwback, from a time when we had our users, and our mail users in different databases. Below you can see the ExchangeLegacyDN for this Exchange on-premise user; /O=First Organisation/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn={something-user-specific} Who cares? Well they are still important, if you send an internal email (to someone in the same Exchange Organisation). Exchange uses this address NOT the SMTP address which you would expect. Also Microsoft Outlook has a habit of caching this address and NOT the SMTP address. Normally this is not a problem, UNTILL you migrate your mail somewhere else, then the internal cached ExchangeLegacyDN addresses are now incorrect. (See error message below). How Does Migrating To Office 365 Handle This? If you do a Hybrid Exchange Migration with Azure AD sync, this is all ‘fixed’ in the background for you, When you first get your AD user ‘synced’ (i.e before you migrate the mailbox) you get an X500 address that’s just used in O365. Then once the mailbox is migrated the users gets the ExchangeLegacyDN copied across as an additional X500 Address. In fact if you repeat the command we did at the very start, you will see the on-prem user no longer has an ExchangeLegacyDN LegacyExchangeDN Problems You will see problems ‘Post Migration‘ to another domain, to a newer version of Exchange, or if you use a third party tool, to migrate your users to Office 365, (which is just another domain to be honest). If your users attempt to send an email to a ‘cached’ address, they will get an error that looks like this; More Info for Email Admins Status code: 550 5.1.11 The recipient email address is a LegacyExchangeDN address, which isn’t used by the Office 365 service. You might see this error if you’ve migrated your organization’s email from on-premises to the cloud, or if your organization has a hybrid configuration and you synchronize your on-premises directory with Office 365. If clearing the recipient Auto-Complete List from the user’s Outlook or Outlook on the web doesn’t solve the problem, try to clear the related LegacyExchangeDN address from your on-premises Active Directory. Then synchronize the directory again. For more information, see Fix email delivery issues for error code 5.1.11 in Office 365. Original Message Details Created Date:     06/09/2018 15:37:37...