Yesterday, we announced the availability of our simple directory synchronization tool. Today, we are going to discuss deployment and give you a step-by-step guide on how to use it in your migrations.
First things first, there are some things you will need to do before deploying directory synchronization:
- Validate your domain in Office 365. Before deploying directory synchronization, you must validate your domain in Office 365. This is because we are attempting to synchronize your email addresses and user principal names (UPN) over and they cannot be added to objects without first being validated.
- Make sure your UPN’s in your Active Directory are correct. This is what you will be using to log into Office 365. Most companies have their UPN’s the same as the email addresses for simplicity and also for your users to remember. Note that our synchronization tool currently does not update existing UPN’s on accounts so it’s important that they are right before synching.
- Our directory synchronization tool does not synchronize passwords
- We do not alter anything in your existing Active Directory or Exchange environment
Synchronization consists of 1) creating new objects in Office 365 when they are created in Active Directory, 2) updating Office 365 objects when they are updated in Active Directory and 3) deleting Office 365 objects when they are deleted in Active Directory. Let’s now deploy directory synchronization:
- Select a computer you wish to deploy our directory synchronization tool on. This can be any Windows computer (XP, Vista, 7, Server, etc). We have a low footprint and don’t install any big services. Install it on the same machine as your Exchange server.
- Make sure you have PowerShell 2.0. If you don’t have it, download and install it.
- Make sure you have the Microsoft.NET 3.5 Framework. If you don’t have it, download and install it.
- Make sure your MigrationWiz user account is enabled for remote access.
- Download and install the MigrationWiz PowerShell CommandLets
- Launch the MigrationWiz Command Shell from your start menu
- Type .\SyncActiveDirectoryToOffice365.ps1 and press enter
- Enter your MigrationWiz credentials in the dialog
- Enter your Office 365 administrative credentials in the dialog
- Select the objects you wish to synchronize.
- Perform a simulation without delete so that you can see what objects will get synchronized and to get your feet wet. The without delete operation will perform the creates and updates but not delete operations in Office 365. No synchronization will occur. Only a simulation displaying what we would do.
- Verify that the objects we found and the corresponding actions are correct.
- If you only have a few objects, you can view the actions directly from the console.
- If you have a lot of objects, a log is written to the same directory as the script that you can open with wordpad. Note that opening this file with notepad may not display the breaks correctly.
- Perform a synchronization without deletes.
- Log into Office 365 and view your synchronized users, groups and contacts.
- Note that it may take a few minutes to a few hours for all items to show up depending on replication latency within Office 365.
- Note that contacts synchronized are not visible in the Office 365 admin portal. They can only be visible from the Exchange Control Panel (ECP) or remote PowerShell
- Note that groups synchronized are not visible in the Office 365 admin portal. They can only be visible from the Exchange Control Panel (ECP) or remote PowerShell
- Keep repeating steps 12-15 whenever you have changes in AD to your objects or add new objects.
Once you are comfortable with how our directory synchronization tool works, try simulating with deletes.
We’ll post a follow-up article on some advanced features and customizations. So check back soon for more DirSync!