We help IT Professionals succeed at work.

How do we keep domain and office 365 hosted exchange  passwords in sync with sbs 2011 standard?

Last Modified: 2018-10-31
Sorry if this seems so ignorant.

A couple different companies are moving to office 365 for hosted exchange from their sbs 2011 standard network (We'll keep the server around for file sharing for now).  Each location has about 15 users.

I know from dealing with SBS essentials that it keeps the domain passwords in sync with the office 365 hosted exchange passwords.

There's a DIrSync tool I walked through in office 365 admin and it dissuades you from doing that for less than 50 users.

a) do you agree that there's no need / not wanted to keep the office 365 password in sync with the inhouse domain computer login password?
b) If you don't agree, with SBS 2011 standard, what are the options to be able to keep them in sync?  I thin k I saw something about azure active directory.  is that the only way?
c) If Azure AD is needed, what's the cost?  That's a different interface, exprience than office 365?  Is pricing like office 365 (a flat amount per month) or does it depend on usage - number of accesses, etc?

there;s likely loads of more questions I have once I get pointed in the right direction.,
Watch Question

Saif ShaikhServer engineer

yes Azure AD is good option for syncing password from onpremise. You cannot install Azure AD connect on an SBS server since it uses it own SQL database.

You need to have a separate member server joined in domain.

We need the Azure AD server with Windows 2008 R2 SP1 and above operating system for installation of AD Connect. The following versions of the Windows Server operating system are supported for DirSync:
•      Windows Server 2008 R2 Standard, Enterprise or Datacenter edition with SP1 or later
•      Windows Server 2012 Standard or Datacenter
•      Windows Server 2012 R2 Standard or Datacenter
Saif ShaikhServer engineer

Before implementing Azure AD connect aka dirsync you need to Set UPN on all users to match the Primary SMTP address in AD. for all syncing users i.e. from .local to .com

So basically you can go to domains and trust and add the UPN for the domain which is registered in O365 tenant.
Saif ShaikhServer engineer

c) If Azure AD is needed, what's the cost?  That's a different interface, exprience than office 365?  Is pricing like office 365 (a flat amount per month) or does it depend on usage - number of accesses, etc?

Azure AD connect is implemented in your onpremise environment so there is cost with regards to hardware and no cost with regards to O365 license and all.
OK, maybe I'm not asking the right question? Or you misunderstood?

Or more likely - this just reaffirms my thinking that Microsoft is soooo convoluted and F__d up.

Their Azure AD, based on Azure, their CLOUD BASED SERVERS.... needs MORE hardware at my office and is implemented in house?
Saif ShaikhServer engineer

Yes, If you need to sync passwords then yes no choice.

If you do not want to sync passwords, then users domain password and email password will be different.

You also have an option to install Azure AD connect on a DC if it has the above requirement of OS passed just to SAVE HARDWARE COST..........................MICROSOFT.........................
what do most people do?  why do they call it azure AD then?  

So am I way off base? i thought Microsoft is pushing everything to the cloud... you have your onedrive for shared files, hosted exchange.  And AD in the cloud. So people at work have just desktops, no servers in the office?
Server engineer
This one is on us!
(Get your first solution completely free - no credit card required)

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.