Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1026
  • Last Modified:

Dirsync setup

Hi,
We have a Server 2003 domain running Exchange 2003, I also have a server 2008 r2 member server. We have purchased an Office 365 subscription to replace the in-house Exchange.
I have been reading up on dirsync and want to use it to keep the domain and O365 login details in sync. My questions are:
1. can i install dirsync and use it to populate the O365 environment with all the users in advance of the cut over to O365 for email delivery, i.e with internal Exchange still running?
2. i know i have to create an OU in AD to put all the existing AD users in that will have O365 accounts, do I also need to add a UPN name in AD, is this the 'user logon name (pre windows 2000)' if so does this name need to be the same as the email address in O365?
Thanks
Andrew
0
activateahsd
Asked:
activateahsd
  • 7
  • 6
1 Solution
 
Vasil Michev (MVP)Commented:
1) If you are going for cutover migration, you dont need dirsync. It will not allow you to actually perform this if you have dirsync running. Don't worry about the details, the migration process will connect to the on-prem server and get everything from the GAL (apart from hidden objects). You can run dirsync after the migration is over.

2) If you are going to use a custom domain with Office 365, make sure you add this domain as UPN suffix in your AD. Then, change the UPNs of every user you are going to migrate to the cloud to match the new UPN suffix. The UPN and primary email address do not need to match.

Here is the article on cutover migration just in case:

http://help.outlook.com/en-us/140/Ff628719.aspx

Compare different types of migration:

http://help.outlook.com/en-us/140/538c48ad-4a3d-4777-be1b-7fc533ca45eb#migrationmatrix
0
 
activateahsdAuthor Commented:
Hi, Thanks for the info, really useful.
I think I have got my terminology wrong, as per the microsoft definition I am not doing a 'cut-over' migration. There are only 22 users and they want blank new mailboxes with historical email only available as a locally storted pst file.
So I think what I need to do is manually create the 22 users in O365, then alter the MX records so email starts flowing via O365 rather than internal Exchange. At that point I guess I need to amend the users AD logins to be the new UPN which matches their O365 login (and their primary email address). Once that it done I can install dirsync to keep AD password changes in sync with O365 credentials.
Have I understood it right?
Thanks
Andrew
0
 
Vasil Michev (MVP)Commented:
Go with staged migration instead, you can have dirsync running from the start with it:

http://help.outlook.com/en-us/140/ff959224.aspx

You will need a valid CA certificate for Outlook Anywhere, if you don't have such you can get one for free from comodo or startssl.com.

Doing things manually will also work, but will probably get you into more issues. Just update the UPNs first, set up dirsync and proceed with the migration. Once you read the articles it's not that complicated :)
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
activateahsdAuthor Commented:
Hi - they dont want to import anything to the new mailboxes. Can I install dirsync after everything is up and running just to keep password changes synced?
0
 
Vasil Michev (MVP)Commented:
OK, the idea behind all those methods is to migrate not only the account (and their corresponding attributes), but also the mailbox data associated with them. If you are NOT going to migrate any mail, all you need is dirsync.

Sorry if I have misunderstood you :)

Just to make sure you have displayName set for any groups you want to migrate, otherwise the dirsync process will just skip them.
0
 
activateahsdAuthor Commented:
Hi, your being very helpful thank you.
Sorry if I am asking dumb questions, I have moved all my required users into a new OU in AD in preparation, when you mention displayname are you talking about the users 'simple display name' in Exchange?
0
 
Vasil Michev (MVP)Commented:
No, the actual displayName attribute.
0
 
activateahsdAuthor Commented:
sorry but where do i find that?
thanks.
0
 
Vasil Michev (MVP)Commented:
Oh, 2003 domain? Use adsiedit.msc :)

Couldn't find a nice guide with screenshots and all, so here's a link to a similar question on EE: http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_27462346.html
0
 
activateahsdAuthor Commented:
of course, thanks!
So its the OU group I have to set the displayName attribute on? Does it have to be anything in particular?
Thanks.
0
 
Vasil Michev (MVP)Commented:
No, no. This is for group objects, such as mail enabled security groups/distribution groups. The default dirsync filters will exclude any such objects that don't have displayName set. So if you want to migrate them as well, make sure the attribute is populated.

If you plan to create them manually or don't want to copy them to the cloud, ignore this.
0
 
activateahsdAuthor Commented:
OK thanks for all your help, really useful knowledge for my first O365 setup!
cheers
Andrew
0
 
activateahsdAuthor Commented:
Really good expert!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now