The following Quick Start Guides have been created to assist with common directory sync scenarios.
The following Quick Start Guides have been created to assist with common directory sync scenarios.
To prevent an invitation being sent when a Guest user is created, modify the default mappings for the property named SendInvitationMessage to be False before creating your Guest users.
Follow these steps to complete this task:
- From the landing page or the application menu, choose Directory Synchronization
- Open the left navigation menu
Select Templates under Setup
Figure 2: Navigate to Templates
- Locate the template to be modified
- Select the template then click Settings
- Navigate to the Mapping tab
- Search for the attribute SendInvitationMessage
Double click the resulting record to open for editing
Figure 3: Example Search within Template Mapping Tab
- Once open, click Advanced
Modify the default value of “True” to be “False”
Figure 4: Example of Advanced Mapping used to prevent Guest Invitations from being sent
- Click Save
- Once saved you may navigate out of Templates to your next destination
Once you have decided on the local on-premises attribute to be used for this purpose, then it is simply a matter of setting that attribute mapping to set a value of “Guest” for the appropriate set of users.
The following provides a simple example template mapping using ExtensionAttribute1 as the designated local attribute to be set as “Guest” for Microsoft Entra Connect to sync them up to Microsoft Entra ID as B2B accounts.
- From the landing page or the application menu, choose Directory Synchronization
- Open the left navigation menu
Select Templates under Setup
Figure 5: Navigate to Templates
- Locate the template to be modified
- Select the template then click Settings
- Navigate to the Mapping tab
- Search for the attribute ExtensionAttribute1
- Double click the resulting record to open for editing
- Once open, click Advanced
- Modify the value to be “Guest”
Set the Condition to Action = “create” if you wish to only apply this rule to new users
Figure 6: Example of Advanced Mapping used to create local users, so they are ready to be synchronized up to Microsoft Entra ID as a Guest
- Select User as the Target Object Type
- Click Save
- Once saved you may navigate out of Templates to your next destination
When you run your workflow to create your local users with the above mappings and Microsoft Entra Connect is configured to sync as B2B users. This is only one example, there are different methods that be used to provide the same result depending on your environment needs.
Please note: If you choose this approach, you must ensure that the designated attribute is populated with the correct value (Guest or Member) for all existing user objects in on-premises Active Directory that are synchronized to Microsoft Entra ID before enabling synchronization of the “UserType” attribute.
For details on How to enable synchronization of UserType for Microsoft Entra Connect then please read this Microsoft document.
By default, guests aren't visible in the Exchange Global Address List.
If you have already created your Guest Users manually or otherwise, you may run a few PowerShell commands to set the appropriate property. Here’s how to Add guests to the global address list.
If you are using Directory Sync to create and update your Guest Users, then use the steps listed below to make sure your guests are visible in the global address list.
To ensure the Guest user is visible in the GAL, modify the default mappings for the property named HiddenFromAddressListsEnabled to be False before creating or synchronizing your Guest users.
The default mapping for HiddenFromAddressListsEnabled is to synchronize the source user object visibility property to the same in the target. If this is not the desired behavior, then follow these steps to guarantee the user will be visible.
Follow these steps to complete the task:
- From the landing page or the application menu, choose Directory Synchronization
- Open the left navigation menu
Select Templates under Setup
Figure 7: Navigate to Templates
- Locate the template to be modified
- Select the template then click Settings
Navigate to the Mapping tab
Figure 8: Example Search within Template Mapping Tab (click t enlarge)
- Search for the attribute HiddenFromAddressListsEnabled
- Locate the mapping where the Target Object Type is User
- Double click the resulting record to open for editing
- Once open, click Advanced
Modify the value to be “false”
Figure 9: Example of Advanced Mapping used to ensure a Guest User is visible in the GAL
- Optionally you may set a condition action ("create", "update", or "delete") whereby the object is only acted upon when the condition is satisfied
- Click Save
- Once saved you may navigate out of Templates to your next destination
The following Quick Start Guides have been created to assist with common directory sync scenarios.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center