Solved

Synchronize Live@Edu passwords with Active Directory

Posted on 2010-11-22
13
1,628 Views
Last Modified: 2012-05-10
I am trying out Microsoft's Live@Edu service and would like to know if there is a way to obtain the Live@Edu mailbox account passwords, with PowerShell maybe?  Microsoft allows institutions to synchronize their on-premises Active Directory to Live@Edu but not the other way around so I was thinking if I could extract the password attribute from Live@Edu I could maybe put together a PowerShell script to synchronize the Live@Edu passwords with my on-premises Active Directory.  This would help me avoid having to deal with password resets.
0
Comment
Question by:sobrienmsm
  • 6
  • 4
  • 3
13 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 34196691
No you can't, the password at live@edu is encrypted and you cannot get it. the only supported way is, just like you said it, to sync from your AD to live@edu
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196700
The only way to do it is to use Forefront Identity Manager.
See here: http://www.microsoft.com/windowsserver2008/en/us/ida-identity-lifecycle-management.aspx
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196753
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 49

Expert Comment

by:Akhater
ID: 34196791
@demazter he wants it the other way around, from live to AD and not from AD to live.

it cannot be done
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196855
I am not sure 100% I am working on a project with an education provider at the moment and this is the product that has been suggested.
The Sync as far as I am aware is both ways, I may well be wrong (it has been known).

0
 

Author Comment

by:sobrienmsm
ID: 34196924
How does an institution then allow a student to reset their forgotten passwords?

Students can reset their passwords in Outlook Live, but doesn't it then get replaced with the Active Directory password once the next OLSync sync operation is performed?

Given students can reset their mailbox passwords in Outlook Live, and the fact that we can't extract the password from the Live@Edu Exchange 2010 servers, how does an academic institution deal with resetting forgotten passwords?
0
 
LVL 49

Expert Comment

by:Akhater
ID: 34196980
reseting password all happen in one place AD and OLSync will replicate with Outlook Live.

OLSync only allows sync from On Premises to Outloook live
0
 

Author Comment

by:sobrienmsm
ID: 34197038
Can the ability to reset your password ("Forgot your password" link) be turned off in Outlook Live (https://outlook.com)?

Students shouldn't be allowed to reset and/or change their Outlook Live passwords via Outlook Live if Outlook Live can only be managed through an on-premises Active Directory.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197094
yes you can

Block Password Reset
You can now control your users’ ability to reset their password. To access this capability, sign in to the SMP and click on Domains.
0
 

Author Comment

by:sobrienmsm
ID: 34197241
Would this also block their ability to fill in the password reset information such as, an alternative email address, a mobile number, security questions, etc?

I would still want our students to reset their passwords on their own and have this new password recorded in Active Directory.  How would we then allow the students to reset a forgotten password on our end?  I suppose through a web portal maybe, using LDAP, and the Password Change Notification Service (PCNS) to have it synchronized back to Outlook Live?  Would anyone happen to have some simple code for this?  

At this point, I am looking for an automated password reset solution that I can apply here on my on-premises Active Directory and then have replicated to Outlook Live through OLSync.  A solution I can implement through a web portal.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197382
you will need to use the self service password reset of ILM or something like that
this will not allow users to change or reset password on outlook live
0
 

Author Comment

by:sobrienmsm
ID: 34197449
Yes, but I could install the Password Change Notification Service (PCNS) on Active Directory to push out any password changes to Outlook Live through OLSync.  If I'm not mistaken, I believe this is what some institutions have set up.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197778
this is the only way to do it as far as i know

i have done live@edu integration and microsoft input for password sync was to disable password changes on outlook live, implement self service portal on fim to reset passwords and let olsync sync passwords
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question