Thanks for your response Claud Wang.
Let me add some more information that might give little more clarity to the issue.
Customer has been using Online service since BPOS version of Microsoft Online Services which was later upgraded to Office 365
Customer had Exchange 2010 installed in their environment which was removed once they finished the migration to Office 365.
Write back attributes were working before as we see the old objects having the attributes like proxyAddress having appropriate value like it should be in rich coexistence environment.
As per the latest information from customer, it seems that write back option has stopped working since November 2013.
I did a little bit of research in the environment and found the following.
I don't see MSOL_AD_Sync_RichCoexistence in the Users container
The account MSOL_AD_Sync is present but the membership with only domain users.
I am not sure at this moment if the richcoexistence was enabled at the time of configuring the DirSync
Now the question is what are the required permissions for user account MSOL_AD_Sync to write back on the following 5 attributes and what is the easy way to assign those permissions across the forest
msExchArchiveStatus Online Archive: Enables customers to archive mail.
msExchUCVoiceMailSettings Enable Unified Messaging (UM) - Online voice mail: This new attribute is used only for UM-Microsoft Lync Server 2010 integration to indicate to Lync Server 2010 on-premises that the user has voice mail in online services.
msExchUserHoldPolicies Litigation Hold: Enables cloud services to determine which users are under Litigation Hold.
ProxyAddresses
(LegacyExchangeDN <online LegacyDn> as X500) Enable Mailbox: Offboards an online mailbox back to on-premises Exchange.
PublicDelegates Cross-premises Public Delegation: Enables users to specify delegates for their mailbox.
SafeSendersHash
BlockedSendersHash
SafeRecipientHash Filtering: Writes back on-premises filtering and online safe and blocked sender data from clients.
I read some discussions in the community suggesting to add the account in enterprise admins group in AD, not sure if that is really required.