If you need make a room mailbox public, for example for a public event, these few PowerShell commands will help you:

First, connect to Exchange Online with your tenant admin:

Connect-ExchangeOnline

Make the calendar public and make the calendar entries visible to everyone:

Set-MailboxCalendarFolder publicRoomMailbox:\Calendar -PublishEnabled $true

Set-MailboxCalendarFolder publicRoomMailbox:\Calendar -Detaillevel Full

Show the HTML and iCalendar URL:

Get-MailboxCalendarFolder publicRoomMailbox:\Calendar | fl published*

The URLs can be shared with anyone or the HTML URL could be embedded on a website as part of an iFrame.

If you need to change a synced AD account with an Exchange Online mailbox into a cloud-only user, these are the steps you need to take:

Move the user to an OU that is not synced by AD Connect and run a delta sync on the AD Connect server (or wait for 30 minutes):

Start-ADSyncSyncCycle -PolicyType Delta

The mailbox is now in the "Soft deleted" state, which means that it is deleted but can be restored within 30 days. To view the soft deleted mailbox run this command:

Connect-ExchangeOnline

Get-Mailbox -SoftDeletedMailbox user@ajni.it | fl guid

Now link the deleted mailbox with the cloud-only user. The cloud-only user has already been created in my case. You will need to insert the user's password in order to proceed.

New-Mailbox -InactiveMailbox 7fb16ffd-cf3a-42ef-a9d3-e0293f5ef6c2 -Alias cloudOnlyUser -MicrosoftOnlineServicesID cloudOnlyUser@ajni.onmicrosoft.com

Afterwards you can either assign a license to the user or convert that mailbox into a shared mailbox which does not need a license.

Normally, with an Office 365 mailbox, you can only send mails with the primary email address. Sending from aliases was not allowed. Microsoft recently rolled out this feature which can be enabled through Exchange Online PowerShell:

Connect-ExchangeOnline

To view the current settings:

Get-OrganizationConfig | fl SendFromAlias*

To enable the feature:

Set-OrganizationConfig -SendFromAliasEnabled $true

To view the settings again:

Get-OrganizationConfig | fl SendFromAlias*

References:

https://lazyadmin.nl/office-365/send-from-alias/

If you have an AD synced distribution group and want to only allow senders from your organization, the msExchRequireAuthToSendTo attribute must be set to TRUE in the Attribute Editor. If you try changing that in the Exchange Online console, an error will appear.

When synchronizing on-prem users to Azure AD, there is a chance that Exchange attributes like msexchHideFromAddressLists are missing in Active Directory because the Exchange schema has never been updated, since there has never been a local installation of Microsoft Exchange. In that case, you could either extend the AD schema to include Exchange attributes or you could work with Azure AD synchronization rules, which is safer in my opinion.

On the Azure AD server, open Synchronization Rules Editor

Edit the rule "in from AD - User join". This will disable the rule itself and create a new one. Give the rule a descriptive name and a precedence of 50.

Under Transformations, add a new rule:

Expression msexchHideFromAddressLists IIF(IsPresent([msExchAssistantName]),IIF([msExchAssistantName]="HideFromGAL",True,False),NULL) Update

Now, you can set the attribute msExchAssistantName to HideFromGAL on the AD user. This will tell Azure AD Connect to set msexchHideFromAddressLists to true on the cloud side.

Obviously, you could use another attribute to achieve the same goal. Just change the if statement slightly.

IIF(IsPresent([msExchAssistantName]),IIF([msExchAssistantName]="HideFromGAL",True,False),NULL)

References:

https://jackstromberg.com/2018/08/how-to-hide-users-from-the-gal-in-office-365-synchronized-from-on-premises/