Udostępnij za pośrednictwem


Office 365 Directory Synchronization

Dirsync is required to support Single Sign On (SSO) and creates Mail Enabled Users (MEU) in the cloud tenant. Installing Dirsync allows you have a unified Global Address List (GAL) between on-premise and cloud (Office 365).  It also allows you to on-board/off-board users to and from Office 365 (this requires a 2 way sync).

Note: When user accounts are first sync’d they are marked as non-activated (therefore do not consume any licenses)

Here are the steps for installing and verifying Disync has completed. Also to verify Dirsync has completed check the event logs for:-

  • Source = Directory Synchronisation with an Event ID of 4 ‘The export has completed’

1

Steps

Action

Activate directory synchronisation from the online portal

Sign in to the online portal https://portal.microsoftonline.com, under Admin (as per above steps) click users

image

Select ‘Activate’ Active directory Synchronization

Note:

User users that there are no synchronized users from your on-premise AD

image

Select Step 3 ‘Active directory Synchronization’ and click ‘Activate’

image

Select ‘Yes’ to activate Directory Synchronization

image

Now we need to install the Directory Synchronization Tool

Launch the Directory Synchronization Tool by double clicking on Dircync.exe

Click next on the welcome screen

image

Accept the license agreement and default install location

image

The Directory Synchronization Tool will install and click finish when it’s completed

image

On the Directory Synchronization server launch ‘directory Sync configuration’ and click next on the welcome screen

image

Specify your Office 365 administrator credentials

image

Specify Enterprise Admin credentials to create the service account

Note:

The credentials specified here are not saved or cached in memory.

image

Click Next on the configuration page

image

Verify the ‘Synchronize directories now’ is selected and click finish

image

Review the wizard and click ok

image

Verify users have been synchronized

Note:

If might take a few minutes for the user appear, if they don’t appear refresh your browser

Sign into the online portal https://portal.microsoftonline.com

All changes to the user account needs to managed on-premise and then the changes will synchronised to Office 365 by the directory synchronization tool.

On the home page, select ‘Admin’ the under management select ‘Users’

image

Directory synchronization will occur every 3 hours, but you can force synchronization if required

Navigate to C:\Program Files\Microsoft Online Directory Sync and Double-click DirSyncConfigShell.psc1. Then run Start-OnlineCoexistenceSync

 

Update your domain to a shared domain

On the home page, select Admin and then manage under Exchange Online (this takes you into the Exchange Control Panel (ECP))

image

In the ECP, select ‘Mail control’ then ‘domains and Protection’ and select company.com as a shared domain

image

Written by Daniel Kenyon-Smith

Comments

  • Anonymous
    January 01, 2003
    Note, with the Exchange Online Archive (EOA) service, you are unable to login to OWA and change the domain type.  Instead you must use remote powershell: Set-AcceptedDomain contoso.com -DomainType internalrelay