By default AD Connect automatically syncs to Azure AD every 30 minutes. Although this works fine in most companies, it could be considered too long a period if there is a high rate of change within an organisation.
To alter the default sync period use Powershell
Set-ADSyncScheduler -CustomizedSyncCycleInterval 00:05:00
The above command sets the sync period to 5 mins. It's important that you do not set the sync period too low, so that sync jobs don't begin to clash. A delta sync should not take a full 5 minutes unless the AD of a large enterprise scale.
Showing posts with label AD Connect. Show all posts
Showing posts with label AD Connect. Show all posts
Friday, 16 November 2018
Tuesday, 2 October 2018
Update all user "targetAddress" and "proxyAddress" attributes in AD using Powershell for Exchange Hybrid
AD attributes are important when you have a hybrid setup from your on premise Exchange to Office 365, the following script will help retrospectively publish the required objects to your domain users so that hybrid mail flow works correctly.
Review this article for details on AD attributes in Exchange with hybrid connectivity.
http://blog.ryanbetts.co.uk/2018/09/understanding-ad-attributes-in-exchange.html
The following command can be used to export a list of users to a CSV file, you should change the OU path to suit your own environment. Once you have a list of users copy and paste them into a blank text document.
The following command will set the "targetAddress" attribute for every user listed in the text file.
The "targetAddress" is used when on premise mailboxes try to send mail to Office 365 mailboxes.
Remember to capatilise SMTP as this will ensure it's the primary email adress.
The following command will append the FQDN, your public domain should be set as the primary so ensure caps are used with SMTP.
A second pass of the same command will add the additional proxy address which should be tenantname.mail.onmicrosoft.com
When you sync the AD to AAD using AD Connect the x500 entry will also appear under proxyAddresses.
Review this article for details on AD attributes in Exchange with hybrid connectivity.
http://blog.ryanbetts.co.uk/2018/09/understanding-ad-attributes-in-exchange.html
The following command can be used to export a list of users to a CSV file, you should change the OU path to suit your own environment. Once you have a list of users copy and paste them into a blank text document.
|
Get-ADUser -SearchBase "OU=Standard
Users,OU=User Accounts,OU=Grand Cayman,OU=Company X,DC=domain,DC=com" -prop
* -Filter
* |
Select samaccountname
| Export-CSV
C:\Users\Administrator\Desktop\Users.csv
|
The following command will set the "targetAddress" attribute for every user listed in the text file.
The "targetAddress" is used when on premise mailboxes try to send mail to Office 365 mailboxes.
Remember to capatilise SMTP as this will ensure it's the primary email adress.
|
Get-Content C:\Users\da.ryan.betts\Desktop\O365Users.txt | % { Set-AdUser $_ -add @{targetAddress="SMTP:$_@companyx.mail.onmicrosoft.com"}}
|
The following command will append the FQDN, your public domain should be set as the primary so ensure caps are used with SMTP.
|
Get-Content C:\Users\Administrator\Desktop\O365Users.txt | % { Set-AdUser $_ -add @{proxyAddresses="SMTP:$_@companyx.com"}}
|
A second pass of the same command will add the additional proxy address which should be tenantname.mail.onmicrosoft.com
|
Get-Content C:\Users\Administrator\Desktop\O365Users.txt | % { Set-AdUser $_ -add @{proxyAddresses="smtp:$_@companyx.mail.onmicrosoft.com"}}
|
When you sync the AD to AAD using AD Connect the x500 entry will also appear under proxyAddresses.
Thursday, 13 October 2016
AD Connect syncing msExchangeMailboxGuid object causes "This user's on-premises mailbox hasn't been migrated to Exchange Online. The Exchange Online mailbox will be available after migration is completed." for new Office 365 mailboxes
When you try to open a new mailbox for an Office 365 users you get the
following error;
"This user's on-premises mailbox hasn't been migrated to Exchange
Online. The Exchange Online mailbox will be available after migration is
completed."
AD Connect is configured to sync users, groups and passwords from the
existing Active Directory (SBS 2011), however the option for “Exchange Hybrid
Deployment” was not selected on purpose. This is because in this particular
case the migration was for 6 users, therefore a PST export/import was done to
migrate the e-mails, contacts and calendars.
The root of the problem is because the Active Directory attribute msExchangeMailboxGuid is being synced
to Azure AD in Office 365, when it’s not required.
You have to edit a configuration inside AD
Connect (it’s actually FIM 2010 R2 under the covers). To open the configuration
panel for FIM, browse to C:\Program
Files\Microsoft Azure AD Sync\UIShell and launch miisclient.exe.
Click Connectors
and select the connector for your local Active Directory and choose Properties.
Click Select
Attributes and scroll until you find msExchangeMailboxGuid, if you have the
same problem as me this will be selected. Simply disable this attribute.
You then have to delete the old reference to the
msExchangeMailboxGuid from the FIM Connector Space. To do this select the
Active Directory management agent (also known as a “connector”), and choose Delete. Read the next part
properly.
Ensure that Delete
Connection Space Only is selected and click OK.
It will ask you to confirm you want to delete
data from the connection space, click Yes.
If you did delete the entire connector, you could provision again by
running the AD Connector wizard. This is fine if you have not made any major
modifications to your AD Connect configuration.
Use the following PowerShell command to force an
entire sync across AD Connect;
Start-ADSyncSyncCycle
-PolicyType Initial
You should notice updates when the Operations
complete.
Now if you return to Office 365, you should see
the following.
Subscribe to:
Posts (Atom)