• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 518
  • Last Modified:

DirSync - Office365 filter

I am using Office365 integrated with Microsoft DirSync (Directory Synchronization). I am using the password synchronization feature and it Works great

Now I want to bypass/filter password syncronization for few users in my network. This is because they are Office365 users only (They don't use Active Directory Accounts inside the network). So they need to change their passwords throw the Office365 Portal

How can I filter the password synchronization feature for these few users?
0
Schnell Solutions
Asked:
Schnell Solutions
  • 2
1 Solution
 
Vasil Michev (MVP)Commented:
Can you please double-check your post, it doesn't really make much sense. Why would you need to filter them if the don't have AD accounts? :)

Here are the instructions just in case:

http://technet.microsoft.com/en-us/library/jj710171.aspx

You can also use the WAAD PowerShell module to change the password of a synchronized user.
0
 
Schnell SolutionsSystems Infrastructure EngineerAuthor Commented:
Hello Vasilcho,

I want to centrally adminístrate all the users properties using Active Directory. I just want to avoid password synchronization for few of them. In this way, I will be able to créate and edit my users from the Internet network. For the case of these few users, as far as they don't use computers inside the domain, when they need to change their passwords they won't be able to make it. However, if the password attribute for them is not synchronizing, them they will be able to change it logging in throw Office365

Any one knows what I need to do in order to filter "just" password syncronization for few users?
0
 
Vasil Michev (MVP)Commented:
No, there isn't such option:

http://social.technet.microsoft.com/wiki/contents/articles/18096.dirsyncwindows-azure-ad-password-sync-frequently-asked-questions.aspx#Can_I_control_which_passwords_synchronize_to_the_cloud

The only exception to that is when you have federated users (AD FS), but in such scenario you again manage the passwords on-prem, so it is of no use to you.

You can always submit a feedback to request this as a feature in next versions of dirsync trough your Microsoft Partner or from here:

http://g.microsoftonline.com/0BX11EN/135
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Unfortunately, this is one of the drawbacks of DirSync -- users cannot change their password online.  Which means that Office365 ONLY users are unable to change their passwords.  This is because sync is ONE-WAY (on-prem ----> cloud) so any changes to their PW's in the cloud will be overwritten by the on-prem settings.

There are a couple of work-around tools to allow for online password changes:

ForeFront Identity Manager
SysOp Tools Password Reset Pro

The other option is to deploy a virtual Windows 7/8 machine that these users can access via RDP -- but that is a bit cumbersome when they just need to change an expiring password.

Jeff
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now