Yesterday, Microsoft announced the launch of the Office 365 IT Pro Network, a new Yammer group open to anyone with a technical interest in Office 365. The Office 365 IT Pro Network is the place you can go to find and connect with other IT Pros working on Office 365, learn about new product information and resources from Microsoft, and share information with the broader technical community.
I ran into a customer this week that had a requirement to partially synchronize certain user’s attribute to the cloud due to security concern without interrupting or degradation the service.
I found the following three filtering configuration types that can be applied to the Directory Synchronization tool: (TechNet Article:http://technet.microsoft.com/en-us/library/jj710171.aspx)
- Organizational-unit (OU)–based: You can use this filtering type to manage the properties of the SourceAD Management Agent in the Directory Synchronization tool. This filtering type enables you to select which OUs are allowed to synchronize to the cloud.
- Domain-based: You can use this filtering type to manage the properties of the SourceAD Management Agent in the directory synchronization tool. This type enables you to select which domains are allowed to synchronize to the cloud
- User-attribute–based: You can use this filtering method to specify attribute-based filters for user objects. This enables you to control which objects should not be synchronized to the cloud.
However I could not find some information about how to filter some attributes and partially synchronize the objects. After some testing I found there is an easy way to accomplish that.
Thought of writing the step-by-step process, which might be helpful for some of you.
1. After having installing Windows Azure Active Directory Sync tool and From your DirSync Server navigate to <Drive>\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell
2. Double click on miisclient.exe
3. This opens a console something similar to the below screen capture
4. Click on Management Agents
5. Double click on Active Directory Connector (see next screenshot)
6. Click on Configure Extensions (see next screenshot)
7. Search for the attributes that you are not interested in synchronizing and click delete (see next screenshot) – You may re-add the attribute if needed.
8. Perform a full sync
- On the Management Agent tab, right-click Active Directory Connector, click Run, click Full Import Full Sync, and then click OK.
- Right Click on Windows Azure Active Directory Connector, click Run, click Full Import Full Sync Sync, and then click OK.
- Right Click on Windows Azure Active Directory Connector, click Run, click Export, and then click OK.
9. You can also force run DirSync using the following PowerShell command.
- From your dirsync server open PowerShell console as Administrator
- Navigate to “C:\Program Files\Microsoft Online Directory Sync”
- Run .\DirSyncConfigShell.psc1
- Now execute Start-OnlineCoexistenceSync commendlet.
10. Verify only the Filtered users’s attributes are populated to Office365 from office365 user management.
Note: It is very important to remember that Filtering configurations applied to your directory synchronization instance aren’t saved when you install or upgrade to a newer version. If you are upgrading to a newer version of directory synchronization, you must re-apply filtering configurations after you upgrade, but before you run the first synchronization cycle.
ltering configurations after you upgrade, but before you run the first synchronization cycle.
Early this week at SPC 2014 (SharePoint Conference), Microsoft announced the release of OneDrive for Business as a stand-alone subscription adding another building-block to the Office 365 family.
IT organization will now how the option to offer their end-user a simple and intuitive way to sync, share and store information in the cloud allowing employees to collaborate on Office documents in real time via a browser or using their Office desktop applications. Likewise, IT organization will continue retaining control and assuring compliance of data stored in cloud thanks to the directory synchronization capabilities.
The subscription to OneDrive for Business is currently as a part of Office 365 plans and SharePoint Online plans. However, starting April 1, 2014, OneDrive for Business with Office Online will be available also as a standalone service. The standalone offer gives each user 25 GB of cloud storage with the option to purchase additional storage.
For more information about the OneDrive for Business, visit: https://www.onedrive.com