Link to home
Start Free TrialLog in
Avatar of SeaSenor
SeaSenorFlag for United States of America

asked on

DirSync question- password sync ONLY

Hi all,

I have a windows 2012R2 network with about 250 users. They are set up in security groups/OU's etc for permission needs to certain folders/files.
I also have Office 365 I'm using for exchange, and have Distribution only groups set up there.

The two systems are quite different in group memberships.

My question is:  Can I set up dirsync and not have it change/migrate any groups or memberships, and just sync the password only of users?
SOLUTION
Avatar of Raheman M. Abdul
Raheman M. Abdul
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of SeaSenor

ASKER

Does it automatically create a user in Office 365 if I create a user in my local AD?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
All the users I need are already in Office 365.
They have the identical domain name (email address) as my local domain users.

will I get the dreaded double users scenario in office 365 that I read about?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
The users were in fact migrated earlier. I just kept it all separate due to the group membership discrepancies.  Would they have an ImmutableID in that case?
Define migrated, did you use dirsync previously? You can easily check if the ImmutableID is populated via PowerShell:

Get-MsolUser -UserPrincipalName user@domain.com | fl ImmutableID

Open in new window


Or in general:

Get-MsolUser -All | ? {$_.ImmutableId -ne $null}

Open in new window

No dirsync ever yet.  
I just migrated the mailboxes from our on premise Exchange 2010 servers.
After that I set up distribution groups and added users accordingly.
Other than password sync I have no desire to sync them. I'm wondering if it's worth it even then.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I don't have any exchange servers on prem. They were removed long ago after the migration.

I don't have any desire to manage them on prem either really.  
Just wanted to know if it was possible to sync passwords only without dirsync messing with anything else.
the ImmutableID's are blank from what I can tell.
Not worth it in the long run I guess.  The convenience of having users with one password seems neutralized by having the additional overhead of running dirsync and on prem server to maintain.