If you need to change a synced AD account with an Exchange Online mailbox into a cloud-only user, these are the steps you need to take:

Move the user to an OU that is not synced by AD Connect and run a delta sync on the AD Connect server (or wait for 30 minutes):

Start-ADSyncSyncCycle -PolicyType Delta

The mailbox is now in the "Soft deleted" state, which means that it is deleted but can be restored within 30 days. To view the soft deleted mailbox run this command:

Connect-ExchangeOnline

Get-Mailbox -SoftDeletedMailbox user@ajni.it | fl guid

Now link the deleted mailbox with the cloud-only user. The cloud-only user has already been created in my case. You will need to insert the user's password in order to proceed.

New-Mailbox -InactiveMailbox 7fb16ffd-cf3a-42ef-a9d3-e0293f5ef6c2 -Alias cloudOnlyUser -MicrosoftOnlineServicesID cloudOnlyUser@ajni.onmicrosoft.com

Afterwards you can either assign a license to the user or convert that mailbox into a shared mailbox which does not need a license.

Normally, with an Office 365 mailbox, you can only send mails with the primary email address. Sending from aliases was not allowed. Microsoft recently rolled out this feature which can be enabled through Exchange Online PowerShell:

Connect-ExchangeOnline

To view the current settings:

Get-OrganizationConfig | fl SendFromAlias*

To enable the feature:

Set-OrganizationConfig -SendFromAliasEnabled $true

To view the settings again:

Get-OrganizationConfig | fl SendFromAlias*

References:

https://lazyadmin.nl/office-365/send-from-alias/

If you are having performance issues with your brand new File Server running on Windows Server 2019, particularly when working with small files over a network share, these PowerShell commands might save hours of troubleshooting.

Get-NetAdapter | Set-NetAdapterAdvancedProperty -DisplayName "Large Send Offload Version 2 (IPv4)" -DisplayValue "Disabled" -NoRestart

Get-NetAdapter | Set-NetAdapterAdvancedProperty -DisplayName "Large Send Offload Version 2 (IPv6)" -DisplayValue "Disabled" -NoRestart

Get-NetAdapter | Set-NetAdapterAdvancedProperty -DisplayName "Recv Segment Coalescing (IPv4)" -DisplayValue "Disabled" -NoRestart

Get-NetAdapter | Set-NetAdapterAdvancedProperty -DisplayName "Recv Segment Coalescing (IPv6)" -DisplayValue "Disabled" -NoRestart

Get-NetAdapter | Set-NetAdapterAdvancedProperty -DisplayName "Receive Side Scaling" -DisplayValue "Disabled" -NoRestart

Get-NetAdapter | Restart-NetAdapter

Note: The VM's network adapter will be restarted, there will be a downtime of about 10 seconds.

References:

https://community.spiceworks.com/topic/2225989-server-2019-network-performance?page=8#entry-8745935

If you are syncing local AD users to Azure AD and using Seamless Sign-On (see https://www.ajni.it/2021/05/configuring-azure-ad-connect-for-user-synchronization/ and https://www.ajni.it/2021/05/configure-seamless-sign-on-for-microsoft-365-login-with-azure-ad-connect/), there is an awesome registry key that automatically creates the Outlook profiles without user interaction.

HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\AutoDiscover

DWORD ZeroConfigExchange 1

Alternatively, you can add the DWORD ZeroConfigExchangeOnce 1 key to automate the creation of the first profile. Successful profiles have to be created manually.

References:

https://docs.microsoft.com/en-us/outlook/troubleshoot/profiles-and-accounts/let-zeroconfigexchange-automatically-create-first-profile

If you have an AD synced distribution group and want to only allow senders from your organization, the msExchRequireAuthToSendTo attribute must be set to TRUE in the Attribute Editor. If you try changing that in the Exchange Online console, an error will appear.