On Demand Migration Current - Active Directory SID History Synchronization Quick Start Guide

This section provides the steps to set up SID History Synchronization for Microsoft Active Directory Environments.

To begin at least two Active Directory environments must be configured in Directory Sync. At the end of this section there will be two Active Directory environments fully configured.

An environment is an end-point connection that can control the scope of objects read. This guide will walk through how to create the source and target active directory environments.

To create a local AD environment, the following are required

• One Local Administrator Account for each Microsoft Forest and/or Domain that has permissions to create, update or delete depending on the scope of your Directory Sync workflows, this Administrator Account should also meet the SID History synchronization requirement as stated in Account Permissions section above.
• One Windows Server to install and host the Directory Sync Agent.

Follow these steps to setup the cloud environment endpoints.  

1. Navigate to Environments.
2. Click the New button.
3. Click Local as the environment type. Click Next.
4. Name the environment. Click Next.
5. Name the local agent. Click Next.
6. Note the agent registration URL and registration Key for later use. Click Finish.
7. Install the agent in the Windows Server that is joined to the local AD domain.  
   1. Launch the Directory Sync Agent installation in the target workstation or server
   2. Accept the license agreement and click Next.
   3. Enter the target active directory environment information by providing the following:
      • Domain Name
      • Global Catalog Server
      • Username
      • Password
      • Enter the Directory Sync Registration URL and Agent Registration Key information
   4. Click Next.
   5. In the SID History Migration section, you may skip this step if SID History Migration is not part of your project scope.
   6. Click Next.

   NOTE: Refer to the On Demand Migration Active Directory User Guide for detailed information about agent installation and set-up requirements.

8. Once the agent is installed and the environment is discovered, click Setting to access the local AD environment setting page.
9. Click on the Organization Unit tab and define the OU filter based on your project scope.
10. Click on the Filters tab and define any LDAP filter based on your project scope.
11. Click Save.
12. Repeat steps 2 – 11 for the next local environment

Before we can build our workflow, it is best to set up your template(s). Templates contain common mappings and settings used to sync Users, Contacts, Devices, Groups, Office 365 Groups and Microsoft Teams. A template can then be applied to any workflow with a Stage Data step.

For the purpose of this guide, the following template will need to be configured to perform SID History synchronization.  Additional templates may be created based on your project requirements.

• Local to Local SID History Sync

1. Navigate to Templates.
2. Click New.
3. Name and Describe the template.
4. In our example, we will name our template “Local to Local SID History Sync”. Click Next.
5. Click Local as the source environment type. Click Next.
6. Click Local as the target environment type. Click Next.
7. Set CREATE NEW USERS AS = AS-IS
8. Set UPDATE CREATED USERS= ENABLE
9. Set UPDATE MATCHED USERS= ENABLE
10. Set IF TARGET ADDRESS EXISTS setting as OVERWRITE ONCE.
11. Click Next.
12. Set CREATE GROUPS AS = AS-IS
13. Set UPDATE CREATED GROUPS = ENABLE
14. Set UPDATE MATCHED GROUPS = ENABLE
15. Set Convert Group Options with default settings:
    1. DOMAIN LOCAL GROUPS = DOMAIN LOCAL
    2. GLOBAL GROUPS = GLOBAL
    3. UNIVERSAL GROUPS = UNIVERSAL
16. Click Next.
17. Set CREATE NEW CONTACTS AS = AS-IS
18. Set UPDATE CREATED CONTACTS = ENABLE
19. Set UPDATE MATCHED CONTACTS = ENABLE
20. Click Next.
21. Set CREATE NEW DEVICES AS = SKIP
22. Set UPDATE CREATED CONTACTS = DISABLE
23. Set UPDATE MATCHED CONTACTS = DISABLE
24. Click Next.
25. Enter a default password. Click Next.
26. Check SYNCHRONIZE SID HISTORY checkbox. Click Next.
27. Under mappings, we can leave the settings as default or update them based on your project requirements.
28. Click Next.
29. Click Finish.