?
Solved

.LOCAL domain question ..... Office 365 Directory Sync.

Posted on 2014-10-29
3
Medium Priority
?
1,024 Views
Last Modified: 2014-10-29
Greetings. We're using FIM with DirSync for Exchange Online Protection now, but will be moving to the full Office 365 shortly.

A recommended tool from Microsoft is IDFix.  This scans your active directory prior to a sync to identify objects that will not sync correctly to Azure AD.

IDFix notifies us that all objects with .LOCAL SMTPs will not sync correctly.

That's essentially every mail enabled object.

Question:  do we even need .LOCAL user addresses any more ?  All mail uses our fqdn, including internal.

Thanks much.
Stephen

Mail server currently is Exchange 2010 SP3.  All certs are trusted (not internally generated CA).
0
Comment
Question by:lapavoni
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 40411394
Your AD domain can be .local, but there is no reason any of your users should have a .local proxyAddress.
0
 
LVL 2

Assisted Solution

by:jparedis
jparedis earned 1000 total points
ID: 40412069
As Cliff said, there is no need to change the entire config of your domain. That part can continue on using .local as a suffix.

However, all the users you want to enable in Office 365 need an internet - routable UPN. (this is not entirely, through, workarounds exists, see http://vanhybrid.com/2014/04/10/windows-server-2012-r2-update-enables-adfs-to-use-alternative-login-id-possibly-removing-the-need-to-have-an-internet-routable-upn/ )

If you cannot use 2012 R2 ADFS, or you dont want to implement alternative login id, you have to follow the steps, properly described in http://technet.microsoft.com/library/jj151831.aspx#BKMK_UPN
0
 

Author Closing Comment

by:lapavoni
ID: 40412091
Thanks for the information.  We're running 2008 (functional level), but the TechNet link was useful. We already have the correct alternative UPNs, so it's just a matter of removing those .local proxy addresses from each mail-enabled account.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft is moving in-place eDiscovery & hold from ECP to EOP console under Content Search in Search and Investigation Options.  In this post, I will be showing you how to export emails to a PST file using the Content Search Options.
New style of hardware planning for Microsoft Exchange server.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month13 days, 8 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question