This list of best practices and tips has been assembled to further the understanding and assist with implementation questions that may arise during setup and testing.
Mappings have no impact on the matching attributes.
Mappings do not modify the Read Step; all object metadata is read.
If creating an object, such as Unified Groups in the destination the default mappings such as “GroupType” or “ObjectType” are not required because they will be auto generated by Exchange Online during creation.
If only synchronizing Group Membership, then all User attributes can be removed from the default mappings related to your group workflow and template.
Matching by “UserPrincipalName” will only match on the local part value, not the domain part.
Matching by “WindowsEmailAddress” will match on the entire string, not just the local part.
For membership/ownership to sync, within the template option, "If Users are matched" must be set to “Update”, not Skip. Skip will prevent membership from synchronizing.
During testing/piloting you may create a filter under Stage Data step to isolate a subset of test Groups to create and sync membership. This will provide a method to validate a few examples before proceeding onto creating all groups.
The Test Mode option in the workflow prevents the write data step from occurring in a workflow.
If the RecipientTypeDetails attribute mapping is missing, you will receive this error during the Stage Step. “No mapping found for RecipientTypeDetails.”
If the Name attribute mapping is missing, you will receive this error during the Write Step. “Missing required attribute: Name”.
The default mappings for Proxy Addresses (i.e. EmailAddresses) may prevent the creation of Unified Groups. The following error is received during the Write Step, “There should be at least one MOERA in Email Addresses.”.
When we create a group in the cloud environment, we grant our BT account Owner access. This can be removed once Sync services are no longer required.
The “ONLY EVALUATE OBJECTS WHICH HAVE CHANGED SINCE THE LAST READ” option only affects the Stage Step. Enable this option after the initial data has been read. Do not set that setting on read and write only workflows.
By default, the “ReplaceDomain” function is used by the “WindowEmailAddress” attribute to set your default email address to the Target Domain selected within the Stage Data step. This can be changed if required.
The default template contains the most commonly used mapping configuration between two environments, depends on the project requirements and scopes, mapping template can be modified to suite your project specific requirements.
Target Group Scope can be configured using these settings if you wish to convert the group scope as new groups created in target Active Directory.