These errors can generate a lot of issues, think about duplicate accounts or Mailusers are not removable.
Actually these issues are pretty easy to fix:
FIX:
(Get-MsolUser -UserPrincipalName affecteduser@domain.com).errors.errordetail.objecterrors.errorrecord| fl
#Search in EXO PowerShell for the object that is using the mentioned EXchangeGUID or ArchiveGUID:
Get-Recipient -IncludeSoftDeletedRecipients ‘ExchangeGUID value’|ft RecipientType,PrimarySmtpAddress,*WhenSoftDeleted*
#Once you found the object that is using this ExchangeGUID or ArchiveGUID, you have to purge it:
#1. If it is a softdeleted MailUser:
Remove-MailUser ‘ExchangeGUID value’ -PermanentlyDelete
#2. If it is a softdeleted UserMailbox, run:
Remove-Mailbox ‘ExchangeGUID value’ -PermanentlyDelete
#-if this command fails due to mailbox being protected by hold, you have to disable the hold first(check if data backup is required):
Set-Mailbox user@domain.com -LitigationHoldEnabled $false -InactiveMailbox
#3. If it turns to be an active mailuser/mailbox that is using this ExchangeGUID/ArchiveGUID, you need to evaluate the option to purge that user.
#4. After the faulty object has been purged from EXO, we need to fix the validation error by forcing the object provisioning:
Get-MsolUser -UserPrincipalName user@domain.com |fl *objectID*
Redo-MsolProvisionUser -ObjectId ‘paste the *objectID* value from above command’
#5. Wait for 5 minutes and then run the next command, to confirm if your validation error is fixed:
(Get-MsolUser -UserPrincipalName user@domain.com).errors.errordetail.objecterrors.errorrecord| fl
J3Rmeyer | Microsoft 365 | Azure AD | IAM 
This is a much valuable guide Jerry.
I´m currently facing this issue, but due to the fact that the mailbox was in litigation hold and will have to be recovered, my process requires a further degree in complexity envolving the immutable ID.
The thing is, in my humble opinion, this wasn´t supposed to happen in the first place.
Thanks!
LikeLike
Hi Ivan, I have encountered these issues to. you can try the following to come to a solution, but first make sure you create a PST of the mailboxes involved.
The first thing you can try is to remove the MSOLuser. probably this is not possible within the Gui, so you have to try this with powershell. When you are not able to do this. Try to remove the mailbox to softdeleted when the mailbox is stored there the smartest thing to do is to restore the mailbox to another user.
The second thing is to remove all the email addresses from the user except the onmicrosoft.com email ( you have to remove them from Proxyaddresses and sync the changes over).
When you have done this you can check with. (get-msoluser (user) -hasherrorsonly). if the problem still exists..
The actually solution is just remove the entire user in (O365 only), and sync the user as new to office 365. Make sure when performing all the steps of removing that you disable the AAD connect sync.
LikeLike
The offending object in my case is a mail user and when I try to remove it I get this error:
This mail enabled user cannot be permanently deleted since there is a user associated with this mail enabled user in
Azure Active Directory. You will first need to delete the user in Azure Active Directory. Please refer to
documentation for more details.
I’ve been searching AAD for this user and I really can’t find it. Tried the portal, tried using Get-MSOLUser and Get-AzureADUser to no avail. Not really sure how I can proceed at this point. Any ideas?
LikeLike
Have you tried searching on the upn? Get-azureaduser -identity (upn). It you need any extra help hit me on LinkedIn so we can setup a chatsession.
LikeLike
Yes, I did that. I sent an invite to you in LinkedIn to connect. Hopefully I got the correct Jerry Meyer (Netherlands). Let me know if you got it. Thanks.
LikeLike