I am working with some O365 implementations nowadays, and we stumbled over an issue with federation between Lync on-premises and Lync Online. This was the design:
One AD forest with three domains. One top domain where all common servers/services are installed (Lync, Exchange etc.). One subdomain where the school/student accounts are. And another subdomain where the administrative personnel accounts are placed. Administrative personnel use the “top domain”, for example domain.com, as their e-mail domain and SIP domain (as well as UPN domain). Students use a subdomain (student.domain.com).
All AD accounts have an Exchange account. We have established Exchange in Hybrid mode with O365, and some students have been migrated to Office 365. Working flawlessly! We also have DirSync and ADFS set up for SSO.
Lync was/is only deployed to users in the administrative domain (domain.com), so no students are enabled on-prem. We wanted to enable Lync for student.domain.com in Office 365. And this worked almost fine. We could communicate with everyone except on-prem users with a SIP address from domain.com.
After some research we tried to establish direct federation with the SIP domain student.domain.com:
New-CsAllowedDomain -Identity student.domain.com
Set-CsAllowedDomain -Identity student.domain.com -ProxyFqdn sipfed.online.lync.com
And guess what? We were able to see presence and communicate :)