지금 지원 담당자와 채팅
지원 담당자와 채팅

On Demand Migration Current - Active Directory Users, Groups and Contact Sync Set Up Quick Start Guide

Setup Templates

Before we can build our workflows, it is best to set up your template(s). Templates contain common mappings and settings used to sync Users, Contacts, Devices, Groups, Office 365 Groups and Microsoft Teams. A template can then be applied to any workflow with a Stage Data step.

For the purpose of this guide, the following template will need to be configured to perform Synchronization for User, Group and Contact Objects.  This guide also assume objects will be created in the target Active Directory if there is no match found.  Additional templates may be created based on your project requirements.  Local to Local Password Sync

  • Local to Local Sync

How to create a Local to Local template

  1. Navigate to Templates.
  2. Click New.
  3. Enter the Name and Description of the template.
  4. In our example, we will name our template "Local to Local Sync". Click Next.
  5. Click Local as the source environment type. Click Next.
  6. Click Local as the target environment type. Click Next.
  7. Set CREATE NEW USERS AS = AS-IS
  8. Set UPDATE CREATED USERS= ENABLE
  9. Set UPDATE MATCHED USERS= ENABLE
  10. Set IF TARGET ADDRESS EXISTS setting as OVERWRITE ONCE.
  11. Click Next.
  12. Set CREATE GROUPS AS = SKIP
  13. Set UPDATE CREATED GROUPS = ENABLE
  14. Set UPDATE MATCHED GROUPS = ENABLE
  15. Set Convert Group Options with default settings:
    1. DOMAIN LOCAL GROUPS = DOMAIN LOCAL
    2. GLOBAL GROUPS = GLOBAL
    3. UNIVERSAL GROUPS = UNIVERSAL
  16. Click Next.
  17. Set CREATE NEW CONTACTS AS = AS-IS
  18. Set UPDATE CREATED CONTACTS = ENABLE
  19. Set UPDATE MATCHED CONTACTS = ENABLE
  20. Click Next.
  21. Set CREATE NEW DEVICES AS = SKIP
  22. Set UPDATE CREATED CONTACTS = DISABLE
  23. Set UPDATE MATCHED CONTACTS = DISABLE
  24. Click Next.
  25. Enter a default password. Click Next.
  26. Leave the SYNCHRONIZE SID HISTORY checkbox unchecked. Click Next.
  27. Under mappings, we can leave the settings as default or update them based on your project requirements.
  28. Click Next.
  29. Click Finish.

Setup Workflows

Follow these steps to create two new workflows for reading, matching, staging and writing data. 

How to create a one-way sync workflow for Local to Local

  1. Navigate to Workflows.
  2. Click New.
  3. Enter the Name and Description for the template. Click Next.
  4. Select both the local Active Directory environments created previously. Click Next.
  5. Select ONE-WAY SYNC. Click Next.
  6. The workflow task wizard opens. It is a pre-configured set of workflow steps to facilitate the flow of objects and attributes between your directories.

    Step 1: READ FROM

    1. Click Select.
    2. Select both environments created previously.
    3. Click OK.

    Step 2: MATCH OBJECTS

    • In this step you decide how to match existing objects across your local Active Directories.
    • Matching is conducted by pairing sets of attributes to find corresponding objects
    • The two environments may already have some attributes that can be used to find similar objects between the different directories, or you may need to set some to ensure accurate matching.
    • It is important that existing objects are correctly matched to perform password synchronization.

    NOTE: Matching attributes should be reviewed and adjusted based on actual project scope; there isn’t a set matching rule that will fit all scenarios.

    1. Click the Select.

    2. Select your source local environment from the drop-down menu.
    3. Select your target local environment from the drop-down menu.
    4. Choose your first attribute pairings, we will use WindowsEmailAddress for our first match criteria .
    5. Choose the sAMAccountName attribute for the source and target fields.
    6. To add more attribute pairs, click Add Attribute.
    7. Additional pairings are evaluated as “OR” conditions. After the first match is found, the additional pairings are not assessed.
    8. In our case we are adding three additional attribute pairings to our criteria
      • cn – This attribute was added to ensure we can match existing objects based on CN.
      • UserPrincipalName – UPN was added to ensure uniqueness of the local part of the address string.
      • Mail – This attribute was added to ensure we can match existing objects based on Mail.
    9. Ensure Match Across all object types is not checked in this case.
    10. There is no need in this guide to Add Another Pair. Click OK to close this configuration

    Step 3: STAGE DATA

    1. Click Select.
    2. Select the “Local to Local Sync” template. Click Next.
    3. Select the source local environment as your source. Click Next.
    4. Select the target local environment as your target. Click Next.
    5. Select the default target domain name. Click Next.
    6. Click ADD OUS. In the new OU pop-up window, select the OU that will be in-scope, select the INCLUDE ALL SUB OUS checkbox. Click OK to close the pop-up.

    7. Configure any Stage Data filter you like by double click on the OU in the OUs list, it is highly recommended to setup filter to limit the scope to perform a test on the first sync as part of the validation.  Click Next.
    8. Select the default OU for newly created objects for Users, Groups, Contacts, and Devices.  In our case, we can select the same OU for all object types as we are only syncing user as contact.

    9. Click Finish.

    Step 4: WRITE TO

    1. Click Select.
    2. Ensure the target environment is selected. Click OK.

  7. When you are done with the workflow wizard, you are ready to schedule this workflow.
    1. Click Next.
    2. Select Manual for now and we can setup a sync schedule once the test sync has completed. 
    3. Click Next.
  8. You can set up workflow alerts if needed. For now, click SKIP.
    1. Click Finish.

 

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택