Synchronizing Azure Active Directory objects to Office 365

 

The recommended approach is as follows:

Use this article from Microsoft for the most up-to-date information: Set up Directory Synchronization

  1. Download and install AAD Sync or AAD Connect (if you need support for federation).
  2. Set msExchMailbxoGuid to Null.  Read How can I set msExchMailboxGuid attribute to null for more information.
  3. Configure filtering to define which objects are synced. Read the Azure AD Connect sync: Configure filtering article from Microsoft for more information.
  4. Use Microsoft AAD Sync or AAD Connect to create and synchronize the accounts from the On-premises environment to Office 365.
  5. Assign Office 365 licenses to accounts on Office 365.
  6. Remove the null attribute from the msExchMailboxGuid, using the Synchronization Rules Editor.
  7. Perform another synchronization, using AAD Connect (or AAD Sync).
  8. Migrate, using MigrationWiz.

    Note: This step can also be initiated after Step 4, once the licenses have been assigned.

 

Important:

  • If the local Active Directory (AD) schema has not been extended to support Exchange, then the steps above to set msExchGuid attribute to null are not needed. Synchronization can be run in the normal manner.
  • If you have previously used DirSync from an environment where the local AD supports Exchange, you cannot set the msExchangeMailboxGUID to null, because this is not supported by DirSync. Therefore, we recommend that you instead use AAD Sync or AAD Connect to rectify this problem, by following the steps outlined above.
  • If you do not set the msExchMailboxGuid to null, before running a synchronization from an environment where the local AD supports Exchange, all of the On-Premises Exchange attributes for each user will be synchronized, including the MailboxGuid attribute. If users are created in this state on Office 365, an Exchange Online license cannot be activated unless Mailbox Replication Services (MRS) is used to perform the mailbox move, or the steps above are followed to rectify this problem.
  • Once the users have been created on Office 365, and the licenses have been activated, then you can start using DirSync, AAD Sync, or AAD Connect in the normal manner. The problem is limited to the user creation and license enablement (when the local AD supports Exchange).
  • If the mailboxes are on an Exchange Server in the local AD, Office 365 accounts can be created using one of the following methodologies.

    Note: Licenses will also need to be assigned to the users, once they have been created.
    • AAD Sync or AAD Connect. Follow the instructions detailed in the recommended approach above.

    • Manually, one at a time.

    • By bulk import, via CSV file.

    • BitTitan DirSync tool.

 

Was this article helpful?
1 out of 9 found this helpful