Important!: This topic relates to Power365 Directory Sync Lite. As of May 29, 2020, Directory Sync Lite is no longer the standard deployment option for Premium Integration and Integration Pro projects. More information can be found here. |
This is a list of the attributes by AD object type that are set or modified during the various stages an object will go through during its Migration life cycle. The list below references the Active Directory attribute by name. Integration and Integration Pro license types are required for Directory Sync Lite. Click here for more details on all the Directory Sync Lite Eligible Attributes.
Power365 Directory Sync Lite is limited on what attributes it will set during an operation. The following information provides a list of example attributes that are set or modified during the different Power365 actions taken against a user. There are 3 steps or actions that all users will go through for an Integration or Pro licensed project.
- Prepare
- Sync (Provisioning)
- Cutover
Each section below covers these different states for each object created or modified, listing the AD attributes touched during the process. Power365 DS Lite is restricted to the mandatory user attributes and Exchange Mail Recipient related attributes. The Exchange attributes must be added to the local AD schema prior to implementation.
The first step in an Integration Project is to prepare your users for coexistence or the tenant-to-tenant integration phase of the migration project. During prepare a user is created or converted to a Mail-Enabled User. While a mail-enabled user, the target user does not require an Microsoft 365 license. Prepare will also create a corresponding Mail Contact and set various properties required to control mail routing, free/busy requests and visibility in the Global Address Lists. After the “Prepare” step is complete on all users within scope, the coexistence phase is almost ready.
This example represents a user object created or updated during the Prepare process. During this step the user is created or updated, mail-enabled and finally hidden from the global address lists.
samAccountName = J.Smith
adminDescription = Created By Power365 Directory Sync
objectClass = user
userAccountControl = 512
unicodePwd = ****
mail = Smith.Jack@TwoFishTrust.com
userPrincipalName = J.Smith@TwoFishTrust.com
displayName = Jack Smith
givenName = Jack
sn = Smith
msExchHideFromAddressLists = TRUE
showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com
showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com legacyExchangeDN = /o=TFT/ou=External (FYDIBOHF25SPDLT)/cn=Recipients/cn=2bdf9b30-0c1f-4bd2-951f-3fef0af9dad8
msExchPoliciesExcluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}
msExchRecipientTypeDetails = 128
msExchRecipientDisplayType = 6
mailNickname = J.Smith
targetAddress = SMTP:Smith.Jack@OneFishBank.com
proxyAddresses = SMTP:Smith.Jack@TwoFishTrust.com
This example represents a mail contact object created during the Prepare process, representing the source mailbox. This mail contact is displayed in the GAL and allows existing target users to send email and retrieve availability information from the source users.
adminDescription = Created By Power365 Directory Sync
objectClass = contact
msExchHideFromAddressLists = FALSE
showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com
showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com
displayName = Jack Smith
givenName = Jack
sn = Smith
targetAddress = SMTP:Smith.Jack@OneFishBank.com
mail = Smith.Jack@OneFishBank.com
mailNickname = J.Smith
legacyExchangeDN = /o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef
msExchRecipientDisplayType = 6
msExchRecipientTypeDetails = 64
msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}
proxyAddresses = SMTP:Smith.Jack@OneFishBank.com
proxyAddresses = smtp:bcce8a99-f891-4701-be1c-06a9ed6b1d1d-C8-1-BT@TwoFishTrust.mail.onmicrosoft.com
The next step for any user during a migration project is to begin staging data in their destination mailbox for a later cutover event. After which they will use the new target mailbox exclusively. During the first sync job scheduled or requested, the Sync process will provision a remote mailbox and license the user for Exchange Online. Since a mailbox is now in place, we also set the Forwarding address to direct any new mail destined for this mailbox to be sent to the source user’s mailbox until the cutover. During the Sync phase, the user will remain in this state until updated during cutover. Multiple sync jobs typically follow once the first sync or initial sync job is completed. For a more information, here is a diagram of the first sync process.
This example represents a user object updated during the Provisioning process. During this step the user is converted to a hidden remote mailbox. Once these attribute changes are synchronized to Azure AD, this hidden remote mailbox allows Power365 to begin pre-staging data to the target mailbox for migration purposes. The ForwardingSMTPAddress parameter is set on the cloud mailbox to forward any incoming mail for that target address prior to cutover to the existing source mailbox. The target user will also be assigned an Microsoft 365 license based on the Migration Profile assigned.
userAccountControl (Replace) = 512
msExchRecipientTypeDetails (Replace) = 2147483648
msExchRecipientDisplayType (Replace) = -2147483642
msExchRemoteRecipientType (Replace) = 3
msExchPoliciesIncluded (Replace) = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}
msExchPoliciesExcluded (Delete)
targetAddress (Replace) = SMTP:J.Smith@TwoFishTrust.mail.onmicrosoft.com
proxyAddresses (Replace) = x500:/o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=b8ddf35c90b44c3a909fedc3d42574eb-Jack Smith
proxyAddresses (Replace) = SMTP:Smith.Jack@TwoFishTrust.com
proxyAddresses (Replace) = smtp:J.Smith@TwoFishTrust.mail.onmicrosoft.com
msExchArchiveName (Replace) = Online Archive - Jack Smith
msExchArchiveGuid (Replace) = ec1a0bdd-229d-4422-9dfc-9cf012b4bfe9
The final step a user must complete within a migration project is to be cutover to the destination mailbox and Microsoft 365 tenant. After which they can use the new target mailbox exclusively. During the cutover job both the source and target managed objects will be modified to enforce mail routing and continue to allow mail to flow while the original domain remains in the source tenant. Once the user cutover is complete, the user is not modified again, except in the case of a Domain Cutover, where Power365 will update the state of the user based on the domain move process. For more information, here is a related diagram of the user cutover process.
This example represents a user object modified during the cutover process. During this step the existing mailbox user that was created or updated previously by P365 Directory Sync Lite is now changed so that it is displayed in the GAL and the original legacyExchangeDN value from the Mail Contact is set as an X500 proxyaddresses value. In addition, the source legacyExchangeDN address is added as an x500 proxy alias. This will ensure reply-ability when using Outlook’s recently cached contacts.
msExchHideFromAddressLists (Replace) = FALSE
proxyAddresses (Replace) = smtp:J.Smith@TwoFishTrust.mail.onmicrosoft.com
proxyAddresses (Replace) = x500:/o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=b8ddf35c90b44c3a909fedc3d42574eb-Jack Smith
proxyAddresses (Replace) = SMTP:Smith.Jack@TwoFishTrust.com
proxyAddresses (Replace) = x500:/o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef
This example represents a mail contact object modified during the cutover process. During this step the existing mail contact that was created by P365 Directory Sync is modified so that it is hidden from the GAL and the legacyExchangeDN value is replaced with a new one. This is done so that the original value can be applied to the Target Mailbox’s proxyaddresses as an X500.
legacyExchangeDN (Replace) = /o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef-5570 msExchHideFromAddressLists (Replace) = TRUE
This example represents a user object modified during the cutover process. Once the mailbox is hidden, Power365 will set mail store and forwarding, so that new mail is delivered to the target mailbox.
adminDescription (Replace) = Updated By Power365 Directory Sync
msExchHideFromAddressLists (Replace) = TRUE
This example represents a mail contact object created during cutover representing the target mailbox user. This mail contact is displayed in the source tenant’s GAL and allows remaining source users to send email and retrieve availability information from the target (migrated) users.
adminDescription = Created By Power365 Directory Sync
objectClass = contact
msExchHideFromAddressLists = FALSE
showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com
showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com
displayName = Jack Smith
givenName = Jack
sn = Smith
targetAddress = SMTP:Smith.Jack@TwoFishTrust.com
mail = Smith.Jack@TwoFishTrust.com
mailNickname = J.Smith
legacyExchangeDN = /o=OFB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=6e37e326-007c-4068-a39e-d5de499f629a
msExchRecipientDisplayType = 6
msExchRecipientTypeDetails = 64
msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}
proxyAddresses = SMTP:Smith.Jack@TwoFishTrust.com
proxyAddresses = smtp:b12ffdfb-49ee-4cb3-b332-1aedf73df8d5-C16-BT@OneFishBank.mail.onmicrosoft.com
The attributes covered above do not account for all eligible attributes related to Address Book Sync (GAL Sync) actions or processes. Click here for more details on all the Directory Sync Lite Eligible Attributes around GAL Sync.
This example represents a created mail contact object during Address Book Sync representing either the source or target mailbox or mail-enabled user.
adminDescription = Created By Power365 Directory Sync
objectClass = contact
msExchHideFromAddressLists = FALSE
showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com
showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com
displayName = Test MailUser
givenName = Test
sn = MailUser
targetAddress = SMTP:testmailuser@twofishtrust.com
mail = testmailuser@twofishtrust.com
mailNickname = TestMailUser
legacyExchangeDN = /o=OFB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d34992e4-5e94-454b-ae23-781b4d235d39
msExchRecipientDisplayType = 6
msExchRecipientTypeDetails = 64
msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}
proxyAddresses = SMTP:testmailuser@twofishtrust.com
proxyAddresses = smtp:260f2ed4-83fd-4d65-9e17-fffdfd6e7178-C16-BT@OneFishBank.mail.onmicrosoft.com
l = City
co = United States
company = TFT
department = Dept
mobile = 555-965-5225
physicalDeliveryOfficeName = 555-965-5225
postalCode = 55555
st = ST
streetAddress = 1234 Street
telephoneNumber = 555-965-5225
title = Senior Title
Directory Sync Lite Eligible Attributes
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center