The goal of this guide is to provide a step-by-step walk through of how-to set up 2-way Global Address List Synchronization between your Microsoft 365 Tenants, regardless of the tenant configuration, hybrid or cloud only.
Directory Sync supports Microsoft directories both on-premises and in the cloud. When setting up Global Address List (GAL) Synchronization there can be many different needs depending on where your Exchange Mailboxes reside and the project scope. These factors will determine the synchronization method for GAL sync. Below are two of the most common setups:
In most Microsoft O365 tenant setups, user mailboxes are exclusively hosted on Exchange Online, even when the user identities originate from On-Premises. In those cases, there is little need to set up local directory sync unless driven by other coexistence or migration needs, such as SID history or Password Sync. Cloud to Cloud is also the recommended configuration if you use Microsoft Azure Active Directory to manage your user identities.
When you have a Microsoft O365 Hybrid tenant setup and have requirements to leverage On-Premises Active Directory to manage the user identities or have the need for SID History migration and Password Sync, then it is recommended to configure your GAL Synchronization with Local to Local setup.
To set up Directory Sync for GAL sync, 4 configurations must be completed prior to the first synchronization.
Set up Environments
Set up Local Agents
Set up Templates
Set up Workflows
The next section will provide the list of requirements needed to set up GAL Sync for Microsoft 365 Hybrid Tenants.
The following are a list of minimum requirements to get set up using Directory Sync with your Microsoft Azure Active Directory. If you are only deploying Directory Sync between Cloud only directories, then skip the next section of requirements.
One (1) Global Administrator Account for each Microsoft 365 Tenant.
The following are a list of minimum requirements to get set up using Directory Sync with your Microsoft On-Premises Active Directory. If you are deploying Directory Sync between local directories for a hybrid deployment of Microsoft 365 then these additional items are required.
One (1) Local Administrator Account for each Microsoft Forest and/or Domain that has permissions to create, update or delete depending on the scope of your Directory Sync workflows.
One (1) Windows Server to install and host the Directory Sync Agent.
For more detailed information about agent installation and set-up requirements visit the On Demand Migration Active Directory User Guide.
The next section will provide a step-by-step guide on how to set up GAL Sync for Microsoft 365 Hybrid Tenants.