If your organization runs a hybrid Exchange setup with mailboxes split between on-premises Exchange Server and Exchange Online, you may find that Copilot cannot access or summarize certain emails. This happens because Copilot relies on Microsoft Graph data sources that are only available in the cloud. By default, on-premises mailboxes do not sync the required metadata for Copilot to function. This article explains how to configure Exchange Hybrid to make on-premises mailboxes visible to Copilot, including the necessary mailbox moves, attribute updates, and admin center settings.
Key Takeaways: Configuring Copilot for Hybrid Exchange
- Move on-premises mailboxes to Exchange Online: Copilot requires cloud-hosted mailboxes to access email data for summarization and search.
- Set RemoteRoutingAddress for shared mailboxes: Shared mailboxes on-premises must have a valid remote routing address to sync to Exchange Online.
- Enable Microsoft Graph data connection: In the Microsoft 365 admin center, verify that the Graph data source toggle is turned on for Copilot.
How Copilot Accesses Mailbox Data in a Hybrid Setup
Copilot in Microsoft 365 apps such as Outlook and Teams uses Microsoft Graph to read email messages, calendar items, and contact data. In a hybrid Exchange environment, only mailboxes that reside in Exchange Online are fully indexed by Graph. On-premises mailboxes are not directly accessible to Copilot because they do not exist in the cloud tenant.
When a hybrid deployment is configured, a subset of mailboxes may still be on-premises for compliance, migration pacing, or business reasons. Copilot cannot generate email summaries, find related conversations, or answer questions about messages stored in those on-premises mailboxes. To make Copilot work for all users, each mailbox must be moved to Exchange Online or, in the case of shared mailboxes, be represented as a mail-enabled user with the correct remote routing address.
The core requirement is that every mailbox Copilot interacts with must have a corresponding user object or mail contact in Azure Active Directory with a cloud-based mailbox. This means the on-premises mailbox must be migrated, or the user must be licensed and have a remote mailbox in Exchange Online.
Steps to Prepare Your Hybrid Environment for Copilot
- Verify hybrid configuration health
Open the Exchange Management Shell on your hybrid server. RunTest-HybridConfiguration -RunSynchronousto confirm that the hybrid relationship between on-premises Exchange and Exchange Online is working. Fix any errors before proceeding. - Move user mailboxes to Exchange Online
In the Exchange admin center, go to Recipients > Migration. Create a new migration batch for on-premises mailboxes that belong to users who need Copilot. Use a remote move migration to transfer the mailbox data to Exchange Online. After the move completes, the mailbox becomes a cloud mailbox accessible to Graph. - Convert shared mailboxes to cloud-based objects
For shared mailboxes that remain on-premises, create a mail-enabled user in on-premises Active Directory with the same alias and set the RemoteRoutingAddress to the cloud domain. Sync this object to Azure AD Connect. Then in Exchange Online, convert the mail-enabled user to a shared mailbox usingSet-Mailbox -Type Shared. This ensures the shared mailbox is visible to Copilot. - License all users who need Copilot
Each user who will use Copilot must have a Microsoft 365 E3 or E5 license plus a Copilot for Microsoft 365 license. Assign licenses in the Microsoft 365 admin center under Billing > Licenses. Without a license, the mailbox exists but Copilot cannot access it. - Enable Microsoft Graph data source for Copilot
In the Microsoft 365 admin center, go to Settings > Org settings > Copilot. Under Data sources, ensure the toggle for Microsoft Graph is turned on. This setting allows Copilot to read email, calendar, and chat data from all cloud mailboxes. - Test Copilot access on a moved mailbox
Open Outlook on the web with a user whose mailbox has been moved. Open an email and click the Copilot icon. Ask Copilot to summarize the email. If the summary appears, the configuration is correct. If Copilot returns an error, verify the mailbox location and license assignment.
If Copilot Still Cannot Access On-Premises Mailboxes
Copilot returns an error saying the mailbox is not found
This error occurs when the on-premises mailbox has not been migrated or the user object lacks a cloud mailbox. The only fix is to move the mailbox to Exchange Online using a remote move migration. After the move, the mailbox appears in Exchange Online and Copilot can access it.
Shared mailbox sync fails and Copilot cannot see it
If a shared mailbox was converted to a mail-enabled user but still shows as on-premises, the RemoteRoutingAddress may be incorrect. Run Get-MailUser | fl RemoteRoutingAddress in Exchange Online PowerShell to confirm the address points to your tenant domain. If it is blank, update it with Set-MailUser -RemoteRoutingAddress user@yourtenant.mail.onmicrosoft.com.
Copilot works for some users but not others
This typically indicates that some mailboxes are still on-premises while others have been moved. Check the mailbox location for each affected user in the Exchange admin center under Recipients > Mailboxes. Move any remaining on-premises mailboxes to Exchange Online.
On-Premises Mailbox vs Cloud Mailbox for Copilot: Key Differences
| Item | On-Premises Mailbox | Cloud Mailbox (Exchange Online) |
|---|---|---|
| Copilot email summarization | Not supported | Supported |
| Copilot search across messages | Not supported | Supported |
| Requires Microsoft Graph access | No | Yes |
| Requires Copilot license | Yes, but only if user has a cloud mailbox | Yes |
| Migration method to enable Copilot | Remote move migration to Exchange Online | None needed |
After moving all target mailboxes to Exchange Online and verifying the Graph data source is enabled, Copilot will be able to summarize emails, find related messages, and answer questions about mailbox content across your hybrid environment. For shared mailboxes that must remain on-premises for compliance reasons, consider using a cloud-based archive or a separate user mailbox with delegate access as an alternative. As a next step, review the Copilot data source settings quarterly to ensure no new on-premises mailboxes are blocking access.