
On Demand Migration Current - Active Directory GAL Sync Setup Quick Start Guide

Set up Test Objects

Follow these steps to create one test object in each environment to validate the GAL Sync workflow.

  1. Set up a Remote Mailbox in the source local environment and ensure it is part of the OU filter setup for the Local Environment.
    1. DisplayName: Lab1RMBX1
    2. PrimarySMTPAddress: Lab1RMBX1@Lab1.Leagueteam.us
  2. Set up a Remote Mailbox in the target local environment and ensure it is part of the OU filter setup for the Local Environment.
    1. DisplayName: Lab2RMBX1
    2. PrimarySMTPAddress: Lab2RMBX1@Lab2.Leagueteam.us
  3. Set up a Mailbox in the source cloud environment.
    1. DisplayName: Lab1CLDMBX1
    2. PrimarySMTPAddress: Lab1CLDMBX1@Lab1.Leagueteam.us
  4. Set up a Mailbox in the source cloud environment.
    1. DisplayName: Lab2CLDMBX1
    2. PrimarySMTPAddress: Lab2CLDMBX1@Lab2.Leagueteam.us
  5. Copy and save the LegacyExchangeDN value for the above test objects for later use.
  6. Add the test cloud objects as members of the filter group for the Cloud Environment, if a filter group was configured when the environment was first set up.

Validating the Workflow

Follow the below steps to perform the GAL Sync workflow and validation.

  1. Select the workflow configured and click RUN.
  2. Allow the workflow execution to complete.
  3. Validate that Lab1RMBX1 from the source local environment is created in the target local environment as a Mail Contact. The target Mail Contact should have the following set:
    1. Source Mailbox’s PrimarySMTPAddress will be added as targetAddress.
    2. Source Mailbox’s LegacyExchangeDN will be added as x500 address.
    3. Source Mailbox’s PrimarySMTPAddress will be added as PrimarySMTPAddress.
    4. Target Contact’s cn will be created as a random GUID to ensure there will be no name collisions.
  4. Validate that Lab1CLDMBX1 from the source cloud environment is created in the target cloud environment as a Mail Contact. The target Mail Contact should have the following set:
    1. Source Mailbox’s PrimarySMTPAddress will be added as external email address.
    2. Source Mailbox’s LegacyExchangeDN will be added as x500 address.
    3. Source Mailbox’s PrimarySMTPAddress will be added as PrimarySMTPAddress.
  5. Validate that Lab1CLDMBX1 from the source cloud environment is created in the target cloud environment as a Mail User. The Mail User should have the following set:
    1. Source Mailbox’s PrimarySMTPAddress will be added as external email address.
    2. Source Mailbox’s LegacyExchangeDN will be added as x500 address.
    3. Source Mailbox’s PrimarySMTPAddress will be added as PrimarySMTPAddress.
  6. Validate that Lab2CLDMBX1 from the source cloud environment is created in the target cloud environment as a Mail Contact. The Mail Contact should have the following set:
    1. Source Mailbox’s PrimarySMTPAddress will be added as external email address.
    2. Source Mailbox’s LegacyExchangeDN will be added as x500 address.
    3. Source Mailbox’s PrimarySMTPAddress will be added as PrimarySMTPAddress.
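
The validation steps above can be turned into a repeatable check. The following PowerShell is an added example, not part of the product or of this guide's original text; the function name, the property names on the target object, and the sample LegacyExchangeDN are assumptions made for illustration, and the sample objects are constructed so the check runs offline.

```powershell
# Added example (not Quest code). Compares one synced target object with its
# source mailbox using the expectations listed in the validation steps.
function Test-GalSyncObject {
    param(
        [Parameter(Mandatory)] $Source,  # source mailbox
        [Parameter(Mandatory)] $Target,  # contact / mail user created by the sync
        [switch] $LocalContact           # also apply the local (AD) contact check
    )
    $failures = @()
    $smtp = $Source.PrimarySmtpAddress
    $x500 = "x500:$($Source.LegacyExchangeDN)"

    # targetAddress (local) or external email address (cloud) must point at the source
    if ($Target.ExternalAddress -ine "SMTP:$smtp") { $failures += 'targetAddress/external address mismatch' }
    # Source primary SMTP must be carried over as the primary SMTP
    if ($Target.PrimarySmtpAddress -ine $smtp) { $failures += 'PrimarySMTPAddress mismatch' }
    # Source LegacyExchangeDN must be present as an x500 proxy address
    if (-not ($Target.EmailAddresses | Where-Object { $_ -ieq $x500 })) { $failures += 'x500 address missing' }
    if ($LocalContact) {
        # cn is expected to be a random GUID, not a display name
        $parsed = [guid]::Empty
        if (-not [guid]::TryParse([string]$Target.Cn, [ref]$parsed)) { $failures += 'cn is not a GUID' }
    }
    [pscustomobject]@{ Name = $Source.DisplayName; Passed = ($failures.Count -eq 0); Failures = $failures }
}

# Constructed sample data; the LegacyExchangeDN value is made up for illustration
$src = [pscustomobject]@{
    DisplayName        = 'Lab1RMBX1'
    PrimarySmtpAddress = 'Lab1RMBX1@Lab1.Leagueteam.us'
    LegacyExchangeDN   = '/o=Lab1/ou=Exchange Administrative Group/cn=Recipients/cn=Lab1RMBX1-constructed'
}
$good = [pscustomobject]@{
    Cn                 = [guid]::NewGuid().ToString()
    PrimarySmtpAddress = $src.PrimarySmtpAddress
    ExternalAddress    = "SMTP:$($src.PrimarySmtpAddress)"
    EmailAddresses     = @("SMTP:$($src.PrimarySmtpAddress)", "x500:$($src.LegacyExchangeDN)")
}
$bad = [pscustomobject]@{   # x500 missing and cn is a display name: both are reported
    Cn                 = 'Lab1RMBX1'
    PrimarySmtpAddress = $src.PrimarySmtpAddress
    ExternalAddress    = "SMTP:$($src.PrimarySmtpAddress)"
    EmailAddresses     = @("SMTP:$($src.PrimarySmtpAddress)")
}
Test-GalSyncObject -Source $src -Target $good -LocalContact
Test-GalSyncObject -Source $src -Target $bad  -LocalContact
```

To use it against real objects, populate the same properties from your own directory export of the source mailbox and the target contact or mail user.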

Best Practices & Tips

This list of best practices and tips has been assembled to further the understanding and assist with implementation questions that may arise during setup and testing.

  1. Mappings have no impact on the matching attributes.
  2. Mappings do not modify the Read Step; all object metadata is read.
  3. If creating an object, such as Unified Groups, in the destination, the default mappings such as “GroupType” or “ObjectType” are not required because they will be auto-generated by Exchange Online during creation.
  4. If only synchronizing Group Membership, then all User attributes can be removed from the default mappings related to your group workflow and template.
  5. Matching by “UserPrincipalName” will only match on the local part value, not the domain part.
  6. Matching by “WindowsEmailAddress” will match on the entire string, not just the local part.
  7. For membership/ownership to sync, within the template option, "If Users are matched" must be set to “Update”, not Skip. Skip will prevent membership from synchronizing.
  8. During testing/piloting you may create a filter under Stage Data step to isolate a subset of test Groups to create and sync membership. This will provide a method to validate a few examples before proceeding onto creating all groups.
  9. The Test Mode option in the workflow prevents the write data step from occurring in a workflow. 
  10. If the RecipientTypeDetails attribute mapping is missing, you will receive this error during the Stage Step. “No mapping found for RecipientTypeDetails.”
  11. If the Name attribute mapping is missing, you will receive this error during the Write Step: “Missing required attribute: Name”.
  12. The default mappings for Proxy Addresses (i.e. EmailAddresses) may prevent the creation of Unified Groups. The following error is received during the Write Step: “There should be at least one MOERA in Email Addresses.”
  13. When we create a group, we grant our account Owner access. This can be removed once Sync services are no longer required.
  14. The “ONLY EVALUATE OBJECTS WHICH HAVE CHANGED SINCE THE LAST READ” option only affects the Stage Step. Enable this option after the initial data has been read. Do not enable this option on read and write only workflows.
  15. By default, the “ReplaceDomain” function is used by the “WindowsEmailAddress” attribute to set your default email address to the Target Domain selected within the Stage Data step. This can be changed if required.
  16. The Delete Objects Step in a workflow is required to delete target objects if that is in scope for your project. Here are details on this step: 
    1. Reconcile finds source object XYZ is no longer in scope and removes it from CDS, adds it to a list of "Reconciled objects" for that source.
    2. Delete step looks in "Reconciled objects" for anything from the configured source. It finds object XYZ.
    3. Delete step then looks for a match to object XYZ from the configured target. If found, the target object is deleted.

    In summary, the Reconcile step captures anything removed from the source, the delete step looks for any matching objects on the target and deletes them.

  17. A cloud environment filter is highly recommended so that only in-scope objects are read in for the cloud environment. This will reduce the time needed to read in the objects by Directory Sync.
  18. Both cloud and local environments will be added and associated automatically if we create the Tenant to Tenant project first.
  19. Due to an O365 limitation, no more than one cloud-only object can have the same ExternalAddress; therefore, we must create the GAL object as an MEU in the target cloud tenant. The Contact object will be created after mailbox provisioning.
  20. The custom mapping below will copy the source object’s WindowsEmailAddress value to target as PrimarySMTPAddress, and it will also copy the source object’s LegacyExchangeDN to the target as an x500 address.

    Select mapping for ‘EmailAddresses’ and double click, enter the following expression under value field:

    GetProxyAddresses(null, null, prefix(Result("WindowsEmailAddress"), "SMTP:"), prefix(LegacyExchangeDN, "x500:"))

  21. The custom mapping below will copy the source object’s WindowsEmailAddress value to the target’s customattribute1 for matching purposes after the object is created.  Customattribute1 can be replaced by another attribute if it is already taken in the tenant.

    Select mapping for ‘CustomAttribute1’ and double click, enter the below expression under value field:

    “s.WindowsEmailAddress”

  22. Target user objects will be created in the source as contact object because the limitation described in number 19 does not apply here.  The source user object will not have the ExternalAddress set, hence there will be no duplication.
  23. For Local to Local, the limitation described in number 19 no longer applies; therefore, we can create the GAL object as contact with ExternalAddress configured.
  24. The custom mapping below will set the target contact’s CN as a random GUID; this is needed to avoid possible name collision as CN is not a unique attribute in Active Directory.

    Select mapping for ‘DistinguishedName’ and double click, enter the below expression under value field:

    GetDn(NewGuid())

  25. The below custom mapping will set the target contact’s targetAddress field with the source object’s mail attribute (which is also the PrimarySMTPAddress).

    Select mapping for ‘targetAddress’ and double click, enter the below expression under value field:

    prefix(S.mail, "SMTP:")

  26. msExchRecipientTypeDetails and msExchRecipientDisplayType will need to be set per Microsoft requirement for Mail Contact.  In this case, they should be set to “64” and “6”. 
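
Tips 5 and 6 mean that a match on UserPrincipalName ignores the domain, so accounts that differ only by domain look identical to that match. The following PowerShell is an added example (not Quest code) of a pre-run check over exported UPN lists; the function names and sample UPNs are constructed, and how Directory Sync resolves several candidates for one local part is not stated in this guide.

```powershell
# Added example (not Quest code). Flags UPN local parts where a local-part-only
# match has more than one possible source/target pairing.
function Get-LocalPart([string] $Address) {
    ($Address -split '@', 2)[0].ToLowerInvariant()
}

function Find-AmbiguousUpnMatch {
    param([string[]] $SourceUpn, [string[]] $TargetUpn)

    # Index the target side by local part, the only portion the UPN match compares
    $targets = @{}
    foreach ($upn in $TargetUpn) {
        $key = Get-LocalPart $upn
        if (-not $targets.ContainsKey($key)) { $targets[$key] = @() }
        $targets[$key] += $upn
    }
    # Group the source side the same way and report every local part with
    # more than one possible pairing (s x t > 1)
    $sources = @{}
    foreach ($upn in $SourceUpn) {
        $key = Get-LocalPart $upn
        if (-not $sources.ContainsKey($key)) { $sources[$key] = @() }
        $sources[$key] += $upn
    }
    foreach ($key in ($sources.Keys | Sort-Object)) {
        $s = @($sources[$key])
        $t = @()
        if ($targets.ContainsKey($key)) { $t = @($targets[$key]) }
        if (($s.Count * $t.Count) -gt 1) {
            [pscustomobject]@{ LocalPart = $key; Source = $s -join ', '; Target = $t -join ', ' }
        }
    }
}

# Constructed sample UPNs (subdomains are made up for illustration)
$sourceUpns = @(
    'j.smith@lab1.leagueteam.us',
    'j.smith@emea.lab1.leagueteam.us',   # same local part, different source domain
    'a.jones@lab1.leagueteam.us',
    'b.lee@lab1.leagueteam.us'
)
$targetUpns = @(
    'j.smith@lab2.leagueteam.us',
    'a.jones@lab2.leagueteam.us',
    'A.Jones@contractors.lab2.leagueteam.us',  # second target candidate for a.jones
    'b.lee@lab2.leagueteam.us'
)
Find-AmbiguousUpnMatch -SourceUpn $sourceUpns -TargetUpn $targetUpns
```

Review each reported local part before running a workflow that matches on UserPrincipalName with "If Users are matched" set to “Update”, since a wrong match would update the wrong object.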

 
