How to fix the “AttributeValueMustBeUnique” (Attribute Value Must Be Unique) error message when trying to sync an object from on-premises Active Directory to Office 365.

You received a synchronization error report email from MSOnlineServicesTeam@MicrosoftOnline.com similar to the following:

Hello admin@constoso.com,

You can troubleshoot this issue by running the Directory Synchronization troubleshooter on the server that has Azure Active Directory identity synchronization tools installed.

The Identity synchronization tool batch run was completed on Thursday, 23 March 2017 12:54:13 GMT for directory Contoso.onmicrosoft.com [Contoso.onmicrosoft.com].

The following errors occurred during synchronization:

Identity: user1@contoso.com
Error Description: Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:user1@contoso.com;]. Correct or remove the duplicate values in your local directory. Please refer to https://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values.
sourceAnchor: #######3VHk6gBGejEZfwww==

We've recently introduced a new feature to help you resolve errors like this more easily. Click here to learn more.
Tracking ID: ########-cc64-44db-a2d2-0833a8e958e9
Thank you,

The Azure Active Directory Team

Do not reply to this message. It was sent from an unmonitored email account.

When you open Azure AD Connect Synchronization Service, you notice an “AttributeValueMustBeUnique” error message.

To identify and fix the issue, please do the following:

Click on the error message “AttributeValueMustBeUnique”.

On the screen that opens, click on “Detail…”.

“ObjectId”: “82538ebe-1cf7-4c89-9497-############” is the object you are trying to sync to O365.

“ObjectIdInConflict”: “6f2fcfcd-23f8-4504-bbe6-############” is the object that already exists in O365 with the duplicate SMTP address.

 

You will need these “ObjectId” values to identify the syncing object and existing object via O365 remote PowerShell.

Connect to O365 remote PowerShell (https://technet.microsoft.com/en-us/library/dn975125.aspx) and run the remote PowerShell commands below:

 

[9:58:15 AM][Cloud] Get-MsolUser -ObjectId 82538ebe-1cf7-4c89-9497-############# | FL Proxyaddresses, OverallProvisioningStatus, LastDirSyncTime, ValidationStatus

ProxyAddresses            : {smtp:user17609@contoso.onmicrosoft.com, smtp:user1@contoso.mail.onmicrosoft.com, SMTP:user1@contoso.com}
OverallProvisioningStatus : Error
LastDirSyncTime           : 3/23/2017 1:54:17 PM
ValidationStatus          : Error

[9:58:41 AM][Cloud] Get-MsolUser -ObjectId 6f2fcfcd-23f8-4504-bbe6-############# | FL Proxyaddresses, OverallProvisioningStatus, LastDirSyncTime, ValidationStatus

ProxyAddresses            : {smtp:user1@contoso.com, SMTP:user1@contoso.onmicrosoft.com}
OverallProvisioningStatus : Success
LastDirSyncTime           :
ValidationStatus          : Healthy

To remove the existing (duplicate) MSOL user object so that we can successfully sync an object from on-premises Active Directory:

You may back up any data from the existing object and then permanently remove it using remote PowerShell.

If the command Get-MsolUser does not return the duplicate object you are looking for, the duplicate object in Office 365 might be a contact. In that case, use Get-MsolContact to find that contact object and delete it.

If Get-MsolContact does not return the duplicate object, the object might be a MSOL group.


Go to your Azure AD Connect server and force a delta sync. You should now be able to sync the object in conflict successfully to Office 365.
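The lookup order described above (user, then contact, then group) combined into one function. This is an added example, not code from the original article; it assumes the MSOnline module with an active Connect-MsolService session, and the function name Resolve-MsolConflictObject is hypothetical.

```powershell
# Added example (not from the original article). Requires the MSOnline module
# and an existing Connect-MsolService session.
function Resolve-MsolConflictObject {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # The "ObjectIdInConflict" GUID shown in the sync error's Detail dialog.
        [Parameter(Mandatory = $true)][Guid]$ObjectIdInConflict,
        # Without -Remove the function only reports what it found.
        [switch]$Remove
    )

    # Check users first, then contacts, then groups.
    $lookups = [ordered]@{
        User    = { Get-MsolUser    -ObjectId $ObjectIdInConflict -ErrorAction SilentlyContinue }
        Contact = { Get-MsolContact -ObjectId $ObjectIdInConflict -ErrorAction SilentlyContinue }
        Group   = { Get-MsolGroup   -ObjectId $ObjectIdInConflict -ErrorAction SilentlyContinue }
    }
    $type = $null; $object = $null
    foreach ($entry in $lookups.GetEnumerator()) {
        $object = & $entry.Value
        if ($object) { $type = $entry.Key; break }
    }
    if (-not $object) {
        Write-Warning "No user, contact or group found with ObjectId $ObjectIdInConflict."
        return
    }

    # Report what holds the duplicate address before anything is deleted.
    [pscustomobject]@{
        Type        = $type
        ObjectId    = $object.ObjectId
        DisplayName = $object.DisplayName
    }

    if ($Remove -and $PSCmdlet.ShouldProcess("$type '$($object.DisplayName)'", 'Permanently remove')) {
        switch ($type) {
            'User' {
                # Soft delete, then purge from the recycle bin so the address is released.
                Remove-MsolUser -ObjectId $ObjectIdInConflict -Force
                Remove-MsolUser -ObjectId $ObjectIdInConflict -RemoveFromRecycleBin -Force
            }
            'Contact' { Remove-MsolContact -ObjectId $ObjectIdInConflict -Force }
            'Group'   { Remove-MsolGroup   -ObjectId $ObjectIdInConflict -Force }
        }
    }
}

# Report only (constructed placeholder GUID, not a value from the article):
# Resolve-MsolConflictObject -ObjectIdInConflict '00000000-0000-0000-0000-000000000000'
```

Run it once without -Remove to confirm the object type and display name, then again with -Remove (or -Remove -WhatIf) once the data is backed up. The delta sync itself is started on the Azure AD Connect server with Start-ADSyncSyncCycle -PolicyType Delta.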