Chat now with support
Chat with Support

Binary Tree Directory Sync Pro for Notes 20.11 - Requirements and Installation Guide

Section 2. Directory Sync Pro Prerequisites

2.1 Supported Environments

The following is a list of supported and unsupported environments. If implementing directory synchronization between two Active Directory environments, you will need a Binary Tree Windows Server and an SQL Server database server.

 

Supported

Not Supported

Binary Tree Windows Server

Windows Server 2012 R2, Windows Server 2016, or Windows Server 2019; US English Operating System

All other versions of Windows Server

SQL Server Database

SQL Server can be a new or existing database server in the customer’s environment. The following SQL Server versions (English versions) are supported:

  • SQL Server 2008 R2

  • SQL Server 2008 R2 Express with Advanced Services

  • SQL Server 2012 SP2

  • SQL Server 2012 SP2 Express with Advanced Services

  • SQL Server 2014

  • SQL Server 2014 Express with Advanced Services

  • SQL Server 2016

  • SQL Server 2016 Express with Advanced Services

  • SQL Server 2017

SQL Server 2017 Express with Advanced Services

SQL Server 2008 or previous

 

Reporting using SQL Server Reporting Services 2016 or SQL Server Express Reporting Services 2016

Domain

At least one Windows Server 2003 SP2 Domain Controller in Source and Target

 

 

2.2 Binary Tree Windows Server Requirements

  • .NET 4.6.1 or greater. The installer will install .NET 4.6.1 if the target machine does not already have it. All system patches, service packs, and security updates should be applied to you operating system to ensure compatibility with .NET 4.6.1.

  • IPv4 Only

  • The user running the BTDirsync service (full name BinaryTree.Coexistence.Dirsync.Exchange.exe) must have the following rights:

  1. Administrator rights to SQL Server with sysadmin role (during installation).

  2. Local administrative rights to the Binary Tree Windows server (during installation).

  • Exchange cannot be installed on this server.

  • The Binary Tree Windows Server must be a dedicated server for the Binary Tree solutions.

  • If using the Password Copy functionality of Directory Sync Pro for Domino Synchronization, PsExec must be installed in the Directory Sync Pro program directory (C:\Program Files\Binary Tree\DirSync). Ignore the PSTools Installation Guide concerning the proper installation location. PsExec is available at: https://technet.microsoft.com/en-us/sysinternals/bb897553

2.3 Binary Tree Domino Server Requirements

The Domino Coexistence server is responsible for Directory Synchronization, Free/Busy Look-up, and Messaging, Calendaring and Application Remediation.

  • Windows Server 2008 R2, Windows Server 2012 R2 and Windows Server 2016 (US English) (Language packs are supported)

  • Domino 8.5.3 or 9.0.1 English (Language packs are supported)

Domino 8.5.x will reach End of Service/Support (EOS) on September 30, 2018. If there is an issue related to Domino or if a fix is required related to an issue, it may be necessary to upgrade to an officially supported version of Domino (9.x).

  • .NET 4.5.2 and Microsoft Visual C++ 2015 Update 3 dependencies (of which the necessary C++ runtimes are in the installation package)

  • The Domino Coexistence server should be dedicated to Domino and the Notes Integration BTCal add-in tasks only

  • The Domino Coexistence server should be a separate server from the Domino Mail servers, and no user mail files should reside on the Domino Coexistence server

Domino Server Hardware Requirements

Recommended:

  • Domino Coexistence Server

    • 4 Cores

    • 8 GB of RAM

    • 100 GB of storage

    • Add 50 GB of storage if deploying ZApp

Minimum:

  • Domino Coexistence Server

    • 2 Cores

    • 4 GB of RAM

    • 100 GB of storage

    • Add 25 GB of storage if deploying ZApp

       

2.4 SQL Server Database Requirements

  • The IP address and either the default SQL port (1433) or an alternate port must be open to all Binary Tree servers.

  • The ability to create and modify tables in the Dirsync database on the SQL Server database server.

  • It is strongly recommended that the SQL Server database server is dedicated to SQL Server. This server can host other SQL databases, but should serve no other purpose than being a SQL Server database server.

  • SQL Server must be configured using Mixed Mode authentication.

  • Using the default system administrator SQL Server login account is not recommended. A Directory Sync SQL Server login account should be created. This account must have sysadmin and database owner rights to create the Dirsync database. The sysadmin right can be removed from this account once the install is complete.

  • If using a Remote Named Instance of SQL Server:

The incoming firewall rules on the machine that hosts the SQL Server instance must be modified.

Using the SQL default of dynamic ports for named instances:

  1. Create an inbound firewall “Program” rule whose program path is the named SQL database engine (ex: %ProgramFiles%\Microsoft SQL Server\MSSQL14.<INSTANCE-NAME>\MSSQL\Binn\sqlservr.exe)

  2. Create an inbound firewall “Port” rule for UDP port 1434.

  3. The “SQL Server Browser” must be running.

Alternatively, you can setup a fixed port for the SQL instance following these instructions.

2.5 General Requirements

  • All components of Directory Sync Pro are fully functional on physical as well as virtual machines. When setting up Proof of Concept or Pilot environments, Binary Tree fully supports, in fact, recommends the use of virtual machines as a means of lowering the expense of such projects. However, when it comes to production environments, Binary Tree has not yet gathered sufficient information to determine whether virtual environments have the same stability and performance characteristics as physical machines. Because a majority of production environments have been and are deployed on physical machines, Binary Tree advises potential customers of these facts, but defers to them to make the final decision. Binary Tree will provide product support in both physical and virtual environments. However, if either stability or performance issues are found in a virtual environment, Binary Tree may recommend switching to a physical one as a means of issue correction.

  • Binary Tree Servers must be connected via a LAN (10MB or higher) connection. A high-speed WAN (5MB or higher) connection may be acceptable but is not recommended. Where possible, it is recommended to have these servers, as well as Exchange on the same physical network.

2.6 Exchange Access Requirements

To deploy Directory Sync Pro on the Binary Tree Windows Server, an AD account with Server Administration rights must be able to log on to the server interactively. The account must be able to run programs with Administration-level access on the target Exchange Server and specifically be able to open the Exchange Management Shell (PowerShell).

Binary Tree recommends the following setup for the service account:

Active Directory

  • Minimum membership of Domain Users (least privilege) built-in security group

  • Read & List Contents rights to "Deleted Objects" container. You may follow these steps if your account is not a Domain Administrator or equivalent (see KB892806):

Using a domain admin account, open a command prompt and confirm the successful execution of the following commands:

dsacls "CN=Deleted Objects,DC=domain,DC=com" /takeownership

dsacls "CN=Deleted Objects,DC=domain,DC=com" /g Domain\ServiceAccount:LCRP

  • Full Control rights to destination OU in Active Directory

Exchange

  • Administrative rights to Exchange

SQL Server

  • Create a new login in the SQL Server Management Studio. In Server Roles, grant public and sysadmin rights (you may remove these rights after the database has been created). In User Mapping, select the DirSync database and grant public and database owner rights.

Binary Tree Windows Server

  • Member of local administrators group

2.7 Post Sync PowerShell Script Requirements

The following requirements must be met if using the Post Sync PowerShell Script option:

  • PowerShell 4

  • The credentials specified on the AD Target tab must have rights to run PowerShell.

  • The following must be enabled on the DC defined on the AD Target tab:

    • Remote PowerShell commands (Unrestricted methods must be enabled if required)

    • Windows Remote Management (WinRM)

    • Active Directory Web Services

2.1 Supported Environments

The following is a list of supported and unsupported environments. If implementing directory synchronization between two Active Directory environments, you will need a Binary Tree Windows Server and an SQL Server database server.

 

Supported

Not Supported

Binary Tree Windows Server

Windows Server 2012 R2, Windows Server 2016, or Windows Server 2019; US English Operating System

All other versions of Windows Server

SQL Server Database

SQL Server can be a new or existing database server in the customer’s environment. The following SQL Server versions (English versions) are supported:

  • SQL Server 2008 R2

  • SQL Server 2008 R2 Express with Advanced Services

  • SQL Server 2012 SP2

  • SQL Server 2012 SP2 Express with Advanced Services

  • SQL Server 2014

  • SQL Server 2014 Express with Advanced Services

  • SQL Server 2016

  • SQL Server 2016 Express with Advanced Services

  • SQL Server 2017

SQL Server 2017 Express with Advanced Services

SQL Server 2008 or previous

 

Reporting using SQL Server Reporting Services 2016 or SQL Server Express Reporting Services 2016

Domain

At least one Windows Server 2003 SP2 Domain Controller in Source and Target

 

 

2.2 Binary Tree Windows Server Requirements

  • .NET 4.6.1 or greater. The installer will install .NET 4.6.1 if the target machine does not already have it. All system patches, service packs, and security updates should be applied to you operating system to ensure compatibility with .NET 4.6.1.

  • IPv4 Only

  • The user running the BTDirsync service (full name BinaryTree.Coexistence.Dirsync.Exchange.exe) must have the following rights:

  1. Administrator rights to SQL Server with sysadmin role (during installation).

  2. Local administrative rights to the Binary Tree Windows server (during installation).

  • Exchange cannot be installed on this server.

  • The Binary Tree Windows Server must be a dedicated server for the Binary Tree solutions.

  • If using the Password Copy functionality of Directory Sync Pro for Domino Synchronization, PsExec must be installed in the Directory Sync Pro program directory (C:\Program Files\Binary Tree\DirSync). Ignore the PSTools Installation Guide concerning the proper installation location. PsExec is available at: https://technet.microsoft.com/en-us/sysinternals/bb897553

2.3 Binary Tree Domino Server Requirements

The Domino Coexistence server is responsible for Directory Synchronization, Free/Busy Look-up, and Messaging, Calendaring and Application Remediation.

  • Windows Server 2008 R2, Windows Server 2012 R2 and Windows Server 2016 (US English) (Language packs are supported)

  • Domino 8.5.3 or 9.0.1 English (Language packs are supported)

Domino 8.5.x will reach End of Service/Support (EOS) on September 30, 2018. If there is an issue related to Domino or if a fix is required related to an issue, it may be necessary to upgrade to an officially supported version of Domino (9.x).

  • .NET 4.5.2 and Microsoft Visual C++ 2015 Update 3 dependencies (of which the necessary C++ runtimes are in the installation package)

  • The Domino Coexistence server should be dedicated to Domino and the Notes Integration BTCal add-in tasks only

  • The Domino Coexistence server should be a separate server from the Domino Mail servers, and no user mail files should reside on the Domino Coexistence server

Domino Server Hardware Requirements

Recommended:

  • Domino Coexistence Server

    • 4 Cores

    • 8 GB of RAM

    • 100 GB of storage

    • Add 50 GB of storage if deploying ZApp

Minimum:

  • Domino Coexistence Server

    • 2 Cores

    • 4 GB of RAM

    • 100 GB of storage

    • Add 25 GB of storage if deploying ZApp

       

2.4 SQL Server Database Requirements

  • The IP address and either the default SQL port (1433) or an alternate port must be open to all Binary Tree servers.

  • The ability to create and modify tables in the Dirsync database on the SQL Server database server.

  • It is strongly recommended that the SQL Server database server is dedicated to SQL Server. This server can host other SQL databases, but should serve no other purpose than being a SQL Server database server.

  • SQL Server must be configured using Mixed Mode authentication.

  • Using the default system administrator SQL Server login account is not recommended. A Directory Sync SQL Server login account should be created. This account must have sysadmin and database owner rights to create the Dirsync database. The sysadmin right can be removed from this account once the install is complete.

  • If using a Remote Named Instance of SQL Server:

The incoming firewall rules on the machine that hosts the SQL Server instance must be modified.

Using the SQL default of dynamic ports for named instances:

  1. Create an inbound firewall “Program” rule whose program path is the named SQL database engine (ex: %ProgramFiles%\Microsoft SQL Server\MSSQL14.<INSTANCE-NAME>\MSSQL\Binn\sqlservr.exe)

  2. Create an inbound firewall “Port” rule for UDP port 1434.

  3. The “SQL Server Browser” must be running.

Alternatively, you can setup a fixed port for the SQL instance following these instructions.

2.5 General Requirements

  • All components of Directory Sync Pro are fully functional on physical as well as virtual machines. When setting up Proof of Concept or Pilot environments, Binary Tree fully supports, in fact, recommends the use of virtual machines as a means of lowering the expense of such projects. However, when it comes to production environments, Binary Tree has not yet gathered sufficient information to determine whether virtual environments have the same stability and performance characteristics as physical machines. Because a majority of production environments have been and are deployed on physical machines, Binary Tree advises potential customers of these facts, but defers to them to make the final decision. Binary Tree will provide product support in both physical and virtual environments. However, if either stability or performance issues are found in a virtual environment, Binary Tree may recommend switching to a physical one as a means of issue correction.

  • Binary Tree Servers must be connected via a LAN (10MB or higher) connection. A high-speed WAN (5MB or higher) connection may be acceptable but is not recommended. Where possible, it is recommended to have these servers, as well as Exchange on the same physical network.

2.6 Exchange Access Requirements

To deploy Directory Sync Pro on the Binary Tree Windows Server, an AD account with Server Administration rights must be able to log on to the server interactively. The account must be able to run programs with Administration-level access on the target Exchange Server and specifically be able to open the Exchange Management Shell (PowerShell).

Binary Tree recommends the following setup for the service account:

Active Directory

  • Minimum membership of Domain Users (least privilege) built-in security group

  • Read & List Contents rights to "Deleted Objects" container. You may follow these steps if your account is not a Domain Administrator or equivalent (see KB892806):

Using a domain admin account, open a command prompt and confirm the successful execution of the following commands:

dsacls "CN=Deleted Objects,DC=domain,DC=com" /takeownership

dsacls "CN=Deleted Objects,DC=domain,DC=com" /g Domain\ServiceAccount:LCRP

  • Full Control rights to destination OU in Active Directory

Exchange

  • Administrative rights to Exchange

SQL Server

  • Create a new login in the SQL Server Management Studio. In Server Roles, grant public and sysadmin rights (you may remove these rights after the database has been created). In User Mapping, select the DirSync database and grant public and database owner rights.

Binary Tree Windows Server

  • Member of local administrators group

2.7 Post Sync PowerShell Script Requirements

The following requirements must be met if using the Post Sync PowerShell Script option:

  • PowerShell 4

  • The credentials specified on the AD Target tab must have rights to run PowerShell.

  • The following must be enabled on the DC defined on the AD Target tab:

    • Remote PowerShell commands (Unrestricted methods must be enabled if required)

    • Windows Remote Management (WinRM)

    • Active Directory Web Services

2.2 Binary Tree Windows Server Requirements

2.1 Supported Environments

The following is a list of supported and unsupported environments. If implementing directory synchronization between two Active Directory environments, you will need a Binary Tree Windows Server and an SQL Server database server.

 

Supported

Not Supported

Binary Tree Windows Server

Windows Server 2012 R2, Windows Server 2016, or Windows Server 2019; US English Operating System

All other versions of Windows Server

SQL Server Database

SQL Server can be a new or existing database server in the customer’s environment. The following SQL Server versions (English versions) are supported:

  • SQL Server 2008 R2

  • SQL Server 2008 R2 Express with Advanced Services

  • SQL Server 2012 SP2

  • SQL Server 2012 SP2 Express with Advanced Services

  • SQL Server 2014

  • SQL Server 2014 Express with Advanced Services

  • SQL Server 2016

  • SQL Server 2016 Express with Advanced Services

  • SQL Server 2017

SQL Server 2017 Express with Advanced Services

SQL Server 2008 or previous

 

Reporting using SQL Server Reporting Services 2016 or SQL Server Express Reporting Services 2016

Domain

At least one Windows Server 2003 SP2 Domain Controller in Source and Target

 

 

  • .NET 4.6.1 or greater. The installer will install .NET 4.6.1 if the target machine does not already have it. All system patches, service packs, and security updates should be applied to you operating system to ensure compatibility with .NET 4.6.1.

  • IPv4 Only

  • The user running the BTDirsync service (full name BinaryTree.Coexistence.Dirsync.Exchange.exe) must have the following rights:

  1. Administrator rights to SQL Server with sysadmin role (during installation).

  2. Local administrative rights to the Binary Tree Windows server (during installation).

  • Exchange cannot be installed on this server.

  • The Binary Tree Windows Server must be a dedicated server for the Binary Tree solutions.

  • If using the Password Copy functionality of Directory Sync Pro for Domino Synchronization, PsExec must be installed in the Directory Sync Pro program directory (C:\Program Files\Binary Tree\DirSync). Ignore the PSTools Installation Guide concerning the proper installation location. PsExec is available at: https://technet.microsoft.com/en-us/sysinternals/bb897553

2.3 Binary Tree Domino Server Requirements

The Domino Coexistence server is responsible for Directory Synchronization, Free/Busy Look-up, and Messaging, Calendaring and Application Remediation.

  • Windows Server 2008 R2, Windows Server 2012 R2 and Windows Server 2016 (US English) (Language packs are supported)

  • Domino 8.5.3 or 9.0.1 English (Language packs are supported)

Domino 8.5.x will reach End of Service/Support (EOS) on September 30, 2018. If there is an issue related to Domino or if a fix is required related to an issue, it may be necessary to upgrade to an officially supported version of Domino (9.x).

  • .NET 4.5.2 and Microsoft Visual C++ 2015 Update 3 dependencies (of which the necessary C++ runtimes are in the installation package)

  • The Domino Coexistence server should be dedicated to Domino and the Notes Integration BTCal add-in tasks only

  • The Domino Coexistence server should be a separate server from the Domino Mail servers, and no user mail files should reside on the Domino Coexistence server

Domino Server Hardware Requirements

Recommended:

  • Domino Coexistence Server

    • 4 Cores

    • 8 GB of RAM

    • 100 GB of storage

    • Add 50 GB of storage if deploying ZApp

Minimum:

  • Domino Coexistence Server

    • 2 Cores

    • 4 GB of RAM

    • 100 GB of storage

    • Add 25 GB of storage if deploying ZApp

       

2.4 SQL Server Database Requirements

  • The IP address and either the default SQL port (1433) or an alternate port must be open to all Binary Tree servers.

  • The ability to create and modify tables in the Dirsync database on the SQL Server database server.

  • It is strongly recommended that the SQL Server database server is dedicated to SQL Server. This server can host other SQL databases, but should serve no other purpose than being a SQL Server database server.

  • SQL Server must be configured using Mixed Mode authentication.

  • Using the default system administrator SQL Server login account is not recommended. A Directory Sync SQL Server login account should be created. This account must have sysadmin and database owner rights to create the Dirsync database. The sysadmin right can be removed from this account once the install is complete.

  • If using a Remote Named Instance of SQL Server:

The incoming firewall rules on the machine that hosts the SQL Server instance must be modified.

Using the SQL default of dynamic ports for named instances:

  1. Create an inbound firewall “Program” rule whose program path is the named SQL database engine (ex: %ProgramFiles%\Microsoft SQL Server\MSSQL14.<INSTANCE-NAME>\MSSQL\Binn\sqlservr.exe)

  2. Create an inbound firewall “Port” rule for UDP port 1434.

  3. The “SQL Server Browser” must be running.

Alternatively, you can setup a fixed port for the SQL instance following these instructions.

2.5 General Requirements

  • All components of Directory Sync Pro are fully functional on physical as well as virtual machines. When setting up Proof of Concept or Pilot environments, Binary Tree fully supports, in fact, recommends the use of virtual machines as a means of lowering the expense of such projects. However, when it comes to production environments, Binary Tree has not yet gathered sufficient information to determine whether virtual environments have the same stability and performance characteristics as physical machines. Because a majority of production environments have been and are deployed on physical machines, Binary Tree advises potential customers of these facts, but defers to them to make the final decision. Binary Tree will provide product support in both physical and virtual environments. However, if either stability or performance issues are found in a virtual environment, Binary Tree may recommend switching to a physical one as a means of issue correction.

  • Binary Tree Servers must be connected via a LAN (10MB or higher) connection. A high-speed WAN (5MB or higher) connection may be acceptable but is not recommended. Where possible, it is recommended to have these servers, as well as Exchange on the same physical network.

2.6 Exchange Access Requirements

To deploy Directory Sync Pro on the Binary Tree Windows Server, an AD account with Server Administration rights must be able to log on to the server interactively. The account must be able to run programs with Administration-level access on the target Exchange Server and specifically be able to open the Exchange Management Shell (PowerShell).

Binary Tree recommends the following setup for the service account:

Active Directory

  • Minimum membership of Domain Users (least privilege) built-in security group

  • Read & List Contents rights to "Deleted Objects" container. You may follow these steps if your account is not a Domain Administrator or equivalent (see KB892806):

Using a domain admin account, open a command prompt and confirm the successful execution of the following commands:

dsacls "CN=Deleted Objects,DC=domain,DC=com" /takeownership

dsacls "CN=Deleted Objects,DC=domain,DC=com" /g Domain\ServiceAccount:LCRP

  • Full Control rights to destination OU in Active Directory

Exchange

  • Administrative rights to Exchange

SQL Server

  • Create a new login in the SQL Server Management Studio. In Server Roles, grant public and sysadmin rights (you may remove these rights after the database has been created). In User Mapping, select the DirSync database and grant public and database owner rights.

Binary Tree Windows Server

  • Member of local administrators group

2.7 Post Sync PowerShell Script Requirements

The following requirements must be met if using the Post Sync PowerShell Script option:

  • PowerShell 4

  • The credentials specified on the AD Target tab must have rights to run PowerShell.

  • The following must be enabled on the DC defined on the AD Target tab:

    • Remote PowerShell commands (Unrestricted methods must be enabled if required)

    • Windows Remote Management (WinRM)

    • Active Directory Web Services

2.3 Binary Tree Domino Server Requirements

2.1 Supported Environments

The following is a list of supported and unsupported environments. If implementing directory synchronization between two Active Directory environments, you will need a Binary Tree Windows Server and an SQL Server database server.

 

Supported

Not Supported

Binary Tree Windows Server

Windows Server 2012 R2, Windows Server 2016, or Windows Server 2019; US English Operating System

All other versions of Windows Server

SQL Server Database

SQL Server can be a new or existing database server in the customer’s environment. The following SQL Server versions (English versions) are supported:

  • SQL Server 2008 R2

  • SQL Server 2008 R2 Express with Advanced Services

  • SQL Server 2012 SP2

  • SQL Server 2012 SP2 Express with Advanced Services

  • SQL Server 2014

  • SQL Server 2014 Express with Advanced Services

  • SQL Server 2016

  • SQL Server 2016 Express with Advanced Services

  • SQL Server 2017

SQL Server 2017 Express with Advanced Services

SQL Server 2008 or previous

 

Reporting using SQL Server Reporting Services 2016 or SQL Server Express Reporting Services 2016

Domain

At least one Windows Server 2003 SP2 Domain Controller in Source and Target

 

 

2.2 Binary Tree Windows Server Requirements

  • .NET 4.6.1 or greater. The installer will install .NET 4.6.1 if the target machine does not already have it. All system patches, service packs, and security updates should be applied to you operating system to ensure compatibility with .NET 4.6.1.

  • IPv4 Only

  • The user running the BTDirsync service (full name BinaryTree.Coexistence.Dirsync.Exchange.exe) must have the following rights:

  1. Administrator rights to SQL Server with sysadmin role (during installation).

  2. Local administrative rights to the Binary Tree Windows server (during installation).

  • Exchange cannot be installed on this server.

  • The Binary Tree Windows Server must be a dedicated server for the Binary Tree solutions.

  • If using the Password Copy functionality of Directory Sync Pro for Domino Synchronization, PsExec must be installed in the Directory Sync Pro program directory (C:\Program Files\Binary Tree\DirSync). Ignore the PSTools Installation Guide concerning the proper installation location. PsExec is available at: https://technet.microsoft.com/en-us/sysinternals/bb897553

The Domino Coexistence server is responsible for Directory Synchronization, Free/Busy Look-up, and Messaging, Calendaring and Application Remediation.

  • Windows Server 2008 R2, Windows Server 2012 R2 and Windows Server 2016 (US English) (Language packs are supported)

  • Domino 8.5.3 or 9.0.1 English (Language packs are supported)

Domino 8.5.x will reach End of Service/Support (EOS) on September 30, 2018. If there is an issue related to Domino or if a fix is required related to an issue, it may be necessary to upgrade to an officially supported version of Domino (9.x).

  • .NET 4.5.2 and Microsoft Visual C++ 2015 Update 3 dependencies (of which the necessary C++ runtimes are in the installation package)

  • The Domino Coexistence server should be dedicated to Domino and the Notes Integration BTCal add-in tasks only

  • The Domino Coexistence server should be a separate server from the Domino Mail servers, and no user mail files should reside on the Domino Coexistence server

Domino Server Hardware Requirements

Recommended:

  • Domino Coexistence Server

    • 4 Cores

    • 8 GB of RAM

    • 100 GB of storage

    • Add 50 GB of storage if deploying ZApp

Minimum:

  • Domino Coexistence Server

    • 2 Cores

    • 4 GB of RAM

    • 100 GB of storage

    • Add 25 GB of storage if deploying ZApp

       

2.4 SQL Server Database Requirements

  • The IP address and either the default SQL port (1433) or an alternate port must be open to all Binary Tree servers.

  • The ability to create and modify tables in the Dirsync database on the SQL Server database server.

  • It is strongly recommended that the SQL Server database server is dedicated to SQL Server. This server can host other SQL databases, but should serve no other purpose than being a SQL Server database server.

  • SQL Server must be configured using Mixed Mode authentication.

  • Using the default system administrator SQL Server login account is not recommended. A Directory Sync SQL Server login account should be created. This account must have sysadmin and database owner rights to create the Dirsync database. The sysadmin right can be removed from this account once the install is complete.

  • If using a Remote Named Instance of SQL Server:

The incoming firewall rules on the machine that hosts the SQL Server instance must be modified.

Using the SQL default of dynamic ports for named instances:

  1. Create an inbound firewall “Program” rule whose program path is the named SQL database engine (ex: %ProgramFiles%\Microsoft SQL Server\MSSQL14.<INSTANCE-NAME>\MSSQL\Binn\sqlservr.exe)

  2. Create an inbound firewall “Port” rule for UDP port 1434.

  3. The “SQL Server Browser” must be running.

Alternatively, you can setup a fixed port for the SQL instance following these instructions.

2.5 General Requirements

  • All components of Directory Sync Pro are fully functional on physical as well as virtual machines. When setting up Proof of Concept or Pilot environments, Binary Tree fully supports, in fact, recommends the use of virtual machines as a means of lowering the expense of such projects. However, when it comes to production environments, Binary Tree has not yet gathered sufficient information to determine whether virtual environments have the same stability and performance characteristics as physical machines. Because a majority of production environments have been and are deployed on physical machines, Binary Tree advises potential customers of these facts, but defers to them to make the final decision. Binary Tree will provide product support in both physical and virtual environments. However, if either stability or performance issues are found in a virtual environment, Binary Tree may recommend switching to a physical one as a means of issue correction.

  • Binary Tree Servers must be connected via a LAN (10MB or higher) connection. A high-speed WAN (5MB or higher) connection may be acceptable but is not recommended. Where possible, it is recommended to have these servers, as well as Exchange on the same physical network.

2.6 Exchange Access Requirements

To deploy Directory Sync Pro on the Binary Tree Windows Server, an AD account with Server Administration rights must be able to log on to the server interactively. The account must be able to run programs with Administration-level access on the target Exchange Server and specifically be able to open the Exchange Management Shell (PowerShell).

Binary Tree recommends the following setup for the service account:

Active Directory

  • Minimum membership of Domain Users (least privilege) built-in security group

  • Read & List Contents rights to "Deleted Objects" container. You may follow these steps if your account is not a Domain Administrator or equivalent (see KB892806):

Using a domain admin account, open a command prompt and confirm the successful execution of the following commands:

dsacls "CN=Deleted Objects,DC=domain,DC=com" /takeownership

dsacls "CN=Deleted Objects,DC=domain,DC=com" /g Domain\ServiceAccount:LCRP

  • Full Control rights to destination OU in Active Directory

Exchange

  • Administrative rights to Exchange

SQL Server

  • Create a new login in the SQL Server Management Studio. In Server Roles, grant public and sysadmin rights (you may remove these rights after the database has been created). In User Mapping, select the DirSync database and grant public and database owner rights.

Binary Tree Windows Server

  • Member of local administrators group

2.7 Post Sync PowerShell Script Requirements

The following requirements must be met if using the Post Sync PowerShell Script option:

  • PowerShell 4

  • The credentials specified on the AD Target tab must have rights to run PowerShell.

  • The following must be enabled on the DC defined on the AD Target tab:

    • Remote PowerShell commands (Unrestricted methods must be enabled if required)

    • Windows Remote Management (WinRM)

    • Active Directory Web Services

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating