Solved

.LOCAL domain question ..... Office 365 Directory Sync.

Posted on 2014-10-29
3
865 Views
Last Modified: 2014-10-29
Greetings. We're using FIM with DirSync for Exchange Online Protection now, but will be moving to the full Office 365 shortly.

A recommended tool from Microsoft is IDFix.  This scans your active directory prior to a sync to identify objects that will not sync correctly to Azure AD.

IDFix notifies us that all objects with .LOCAL SMTPs will not sync correctly.

That's essentially every mail enabled object.

Question:  do we even need .LOCAL user addresses any more ?  All mail uses our fqdn, including internal.

Thanks much.
Stephen

Mail server currently is Exchange 2010 SP3.  All certs are trusted (not internally generated CA).
0
Comment
Question by:lapavoni
3 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 250 total points
Comment Utility
Your AD domain can be .local, but there is no reason any of your users should have a .local proxyAddress.
0
 
LVL 2

Assisted Solution

by:jparedis
jparedis earned 250 total points
Comment Utility
As Cliff said, there is no need to change the entire config of your domain. That part can continue on using .local as a suffix.

However, all the users you want to enable in Office 365 need an internet - routable UPN. (this is not entirely, through, workarounds exists, see http://vanhybrid.com/2014/04/10/windows-server-2012-r2-update-enables-adfs-to-use-alternative-login-id-possibly-removing-the-need-to-have-an-internet-routable-upn/ )

If you cannot use 2012 R2 ADFS, or you dont want to implement alternative login id, you have to follow the steps, properly described in http://technet.microsoft.com/library/jj151831.aspx#BKMK_UPN
0
 

Author Closing Comment

by:lapavoni
Comment Utility
Thanks for the information.  We're running 2008 (functional level), but the TechNet link was useful. We already have the correct alternative UPNs, so it's just a matter of removing those .local proxy addresses from each mail-enabled account.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

If you don't know how to downgrade, my instructions below should be helpful.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now