Solved

Synchronize Live@Edu passwords with Active Directory

Posted on 2010-11-22
13
1,621 Views
Last Modified: 2012-05-10
I am trying out Microsoft's Live@Edu service and would like to know if there is a way to obtain the Live@Edu mailbox account passwords, with PowerShell maybe?  Microsoft allows institutions to synchronize their on-premises Active Directory to Live@Edu but not the other way around so I was thinking if I could extract the password attribute from Live@Edu I could maybe put together a PowerShell script to synchronize the Live@Edu passwords with my on-premises Active Directory.  This would help me avoid having to deal with password resets.
0
Comment
Question by:sobrienmsm
  • 6
  • 4
  • 3
13 Comments
 
LVL 49

Accepted Solution

by:
Akhater earned 500 total points
ID: 34196691
No you can't, the password at live@edu is encrypted and you cannot get it. the only supported way is, just like you said it, to sync from your AD to live@edu
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196700
The only way to do it is to use Forefront Identity Manager.
See here: http://www.microsoft.com/windowsserver2008/en/us/ida-identity-lifecycle-management.aspx
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196753
0
 
LVL 49

Expert Comment

by:Akhater
ID: 34196791
@demazter he wants it the other way around, from live to AD and not from AD to live.

it cannot be done
0
 
LVL 74

Expert Comment

by:Glen Knight
ID: 34196855
I am not sure 100% I am working on a project with an education provider at the moment and this is the product that has been suggested.
The Sync as far as I am aware is both ways, I may well be wrong (it has been known).

0
 

Author Comment

by:sobrienmsm
ID: 34196924
How does an institution then allow a student to reset their forgotten passwords?

Students can reset their passwords in Outlook Live, but doesn't it then get replaced with the Active Directory password once the next OLSync sync operation is performed?

Given students can reset their mailbox passwords in Outlook Live, and the fact that we can't extract the password from the Live@Edu Exchange 2010 servers, how does an academic institution deal with resetting forgotten passwords?
0
Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

 
LVL 49

Expert Comment

by:Akhater
ID: 34196980
reseting password all happen in one place AD and OLSync will replicate with Outlook Live.

OLSync only allows sync from On Premises to Outloook live
0
 

Author Comment

by:sobrienmsm
ID: 34197038
Can the ability to reset your password ("Forgot your password" link) be turned off in Outlook Live (https://outlook.com)?

Students shouldn't be allowed to reset and/or change their Outlook Live passwords via Outlook Live if Outlook Live can only be managed through an on-premises Active Directory.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197094
yes you can

Block Password Reset
You can now control your users’ ability to reset their password. To access this capability, sign in to the SMP and click on Domains.
0
 

Author Comment

by:sobrienmsm
ID: 34197241
Would this also block their ability to fill in the password reset information such as, an alternative email address, a mobile number, security questions, etc?

I would still want our students to reset their passwords on their own and have this new password recorded in Active Directory.  How would we then allow the students to reset a forgotten password on our end?  I suppose through a web portal maybe, using LDAP, and the Password Change Notification Service (PCNS) to have it synchronized back to Outlook Live?  Would anyone happen to have some simple code for this?  

At this point, I am looking for an automated password reset solution that I can apply here on my on-premises Active Directory and then have replicated to Outlook Live through OLSync.  A solution I can implement through a web portal.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197382
you will need to use the self service password reset of ILM or something like that
this will not allow users to change or reset password on outlook live
0
 

Author Comment

by:sobrienmsm
ID: 34197449
Yes, but I could install the Password Change Notification Service (PCNS) on Active Directory to push out any password changes to Outlook Live through OLSync.  If I'm not mistaken, I believe this is what some institutions have set up.
0
 
LVL 49

Assisted Solution

by:Akhater
Akhater earned 500 total points
ID: 34197778
this is the only way to do it as far as i know

i have done live@edu integration and microsoft input for password sync was to disable password changes on outlook live, implement self service portal on fim to reset passwords and let olsync sync passwords
0

Featured Post

Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

Join & Write a Comment

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Synchronize a new Active Directory domain with an existing Office 365 tenant
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now