Learn the top ten threats that are present in modern web-application development and how to protect your business from them.
DirSync server - setup effects?
I have a 100% on-premise setup going currently, with Active Directory and Exchange. Windows 2012 R2 servers, and 2008 R2 servers.
We have O365 licenses that are not being used, unfortunately. I want to sync a pilot group to start using things like Skype for Business, and SharePoint online, then later down the road have a hybrid Exchange setup.
Couple issues I noticed, however, is there are a couple hundred accounts already sitting in O365, that appear to be the result of a screwy sync a while back. I don't think deleting them will do anything, as I know nobody in the organization is using O365 for anything (besides people like me with an Admin account that can login and manage stuff).
Is there any harm in removing all those accounts from O365, and re-deploying a DirSync server? Deploying the DirSync server, does that start automatically doing things an admin wouldn't want it to do? Or when deploying, am I setting it up on my terms? Like being able to only select a specific OU for syncing (like my pilot group)?
Lastly (I think), is there a need to verify our federated domain (we'd be authenticating with O365 with our UserPrincipalName) with an mx or txt record or anything, or is that only for Exchange Online?
We have O365 licenses that are not being used, unfortunately. I want to sync a pilot group to start using things like Skype for Business, and SharePoint online, then later down the road have a hybrid Exchange setup.
Couple issues I noticed, however, is there are a couple hundred accounts already sitting in O365, that appear to be the result of a screwy sync a while back. I don't think deleting them will do anything, as I know nobody in the organization is using O365 for anything (besides people like me with an Admin account that can login and manage stuff).
Is there any harm in removing all those accounts from O365, and re-deploying a DirSync server? Deploying the DirSync server, does that start automatically doing things an admin wouldn't want it to do? Or when deploying, am I setting it up on my terms? Like being able to only select a specific OU for syncing (like my pilot group)?
Lastly (I think), is there a need to verify our federated domain (we'd be authenticating with O365 with our UserPrincipalName) with an mx or txt record or anything, or is that only for Exchange Online?
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Cool ok thanks.
So verifying the domain doesn't cause on-premise issues, right? It just sends a message to Microsoft that "yes this is our domain", basically?
So verifying the domain doesn't cause on-premise issues, right? It just sends a message to Microsoft that "yes this is our domain", basically?
As long as you dont update any other DNS record (i.e. skip the 'recommendation' that Microsoft will show you as part of the process), you should be fine.
Also we don't have licensing for Azure. Just the school licensing for O365.
Is there a different download I need to get? Or should the DirSync download that I need be available within the Admin center of O365?
Is there a different download I need to get? Or should the DirSync download that I need be available within the Admin center of O365?
You dont need it, it's already included with O365. Unless you are talking about Azure AD Premium, but the features AAD Premium offers are all optional.
Ok thanks and one more Q if you don't mind.
I installed the tool and unchecked the post-install option to run a full sync.
I rebooted and logged back in.
I had to research to find what tool to run for container-specific synchronizing, and I found/ran "C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronizati
However I show two entries here...
Which one do I edit properties on to sync?
I installed the tool and unchecked the post-install option to run a full sync.
I rebooted and logged back in.
I had to research to find what tool to run for container-specific synchronizing, and I found/ran "C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronizati
However I show two entries here...
Which one do I edit properties on to sync?
Hmm ok thanks. Well whatever happened, I hadn't run any sync yet, but I can't seem to log back into my tenant with my tenant login, lol. It was username@Company.OnMicroso
Well that was coincidental, and very confusing, LOL.
So here's what happened.
I just had another admin login and reset the password to one of my other admin accounts.
When I logged in, I couldn't find the user I was able to login with before (user@domain.onmicrosoft.c
Instead when searching my last name, I found my AD account which said "Synced with Active Directory".
So I'm wondering if the sync didn't delete my user@domain.onmicrosoft.co
I just need to figure out how to remove the ADFS redirect, whether that's in O365 or DNS zone file, then I think I'm good.
Whatever happened though, didn't affect the other admin. I can still login with my other admin account user2@domain.onmicrosoft.c
So here's what happened.
I just had another admin login and reset the password to one of my other admin accounts.
When I logged in, I couldn't find the user I was able to login with before (user@domain.onmicrosoft.c
Instead when searching my last name, I found my AD account which said "Synced with Active Directory".
So I'm wondering if the sync didn't delete my user@domain.onmicrosoft.co
I just need to figure out how to remove the ADFS redirect, whether that's in O365 or DNS zone file, then I think I'm good.
Whatever happened though, didn't affect the other admin. I can still login with my other admin account user2@domain.onmicrosoft.c
Seems like you soft-matched the account (http://support.microsoft.com/kb/2641663)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Office 365
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
For the custom domain, if you are planning to use it for UPN, you need to verify it. It's best to verify all other domains for which you have smtp/sip addresses as well, but that's mostly relevant once you start using EO. And of course if you are planning to use SSO, the domain needs to be verified.