Hi AOA-STL,
I’ve read the entire post and I found that you encountered the following 2 issues:
1. The users whose UPN suffix is the primary domain cannot access Office 365 services via Single Sign-On (SSO).
2. When you tried to move an on-premise mailbox to Office 365 via a move request, the move request failed with the error message about the accepted domain.
If I have misunderstood, please feel free to let me know.
As for the move request issue, I found something that is not the same as a normal hybrid deployment, such as the target delivery domain. Generally, when we move an on-premise mailbox to Office 365 via a move request, the target delivery domain should be like “domain.mail.onmicrosoft.com”.
Moreover, based on the error message and my experience, the issue may be caused by the on-premise mailbox proxy addresses including addresses that contain an unverified custom domain, such as user@domain.local. If so, please remove this kind of proxy address and wait for synchronization to see if it works.
As for the SSO issue, if you mean the user cannot sign in to Office 365 services, the issue should have no direct link with the move request issue. I would appreciate it if you could post the detailed information about the SSO issue, such as the error message when accessing the Office 365 portal, in a new thread in the forum. Then, our support engineer will follow up with you in the new thread. Thanks for your understanding.
Thanks,
Claud