DirWiz Logo
Knowledgebase

Article Tags

Prepare Directory Servers: Office 365 (O365)

2019-08-21 14:31:17
Office 365 System Requirements UnitySync 

As of UnitySync v2.3, support for Office 365 is available. The previously released destination template, ActiveDir-contact (O365), is obsolete. Instead, connections may be created using the Source and/or Destination template: O365

Connections may be configured to connect directly to your O365 directory as a Source, discovering Users, Contacts and/or Groups. These objects may be synced to create contacts in any other supported Destination directory type (Active Directory, Lotus Notes, O365, etc).

Likewise, connections may be configured to connect directly to your O365 directory as a Destination. When syncing to an O365 Destination, contacts will be created.

Syncing with O365, as either Source or Destination, requires Windows Powershell v3.0 or better. Windows Server OS typically include Powershell v3.0 or better as of Windows 8. If you are unsure what version is installed on your server, open Powershell and type:

get-host

This will show you information about the version.

If you attempt to sync with O365 without the proper Powershell version, you will receive an error message. Please refer to our knowledge base article Error: (500) Cannot process argument because the value of argument path is null for more information.

Important Note: UnitySync is unable to join to contacts that already exist in Office 365, whether manually created or synced via Dirsync. If you plan to retain an on-premise directory and sync regularly between on-premise and the cloud, we recommend that you populate O365 using UnitySync.

Office 365 System Requirements are required in addition to the standard UnitySync System Requirements

Office 365 (O365) Discovery Filters

Please see the other Office 365 knowledge base articles for more information.

Login ID Syntax

When reading from or syncing to an O365 tenant, we recommend you make your UnitySync User Login and O365 Administrator.

Required Login information

ID: The login of the default administrative account or other custom account created for UnitySync. This is required information when using Office 365 (O365).

ID name format: Use the same login format you would use when logging into o365 on line:

i.e. AccountName@YourDomain.onmicrosoft.com

Password: The password that corresponds to the login ID specified

Limiting permissions for read/write of your O365 tenant

As an alternative to using an O365 Administrator account, you may create custom accounts for reading or writing to O365 using the minimum role permissions necessary.

Discovery of O365

You may assign minimum access rights to your UnitySync login ID for reading O365:

  • For example, create an unlicensed Office 365 user account without O365 admin rights.

  • For view only access to o365, add user to the “View-Only Organization Management” admin role in the Exchange Admin Center. This role should provide UnitySync the rights needed to run the powershell commandlets utilized by UnitySync

Discovery, commandlets required:

Get-User
Get-MailUser
Get-Mailbox
Get-Contact
Get-MailContact
Get-DistributionGroup`

Syncing to O365:

You may assign minimum access rights to your UnitySync login ID for writing to O365.

This example script might help you create the custom service account using powershell to provide the minimum rights for mail contact Powershell cmdlets needed by UnitySync when writing to O365.

Refer to: TechNet Overview of Built-in role groups

Refer to: TechNet View-only Organization Management

Please refer to the O365 KB articles and the UnitySync Administrator’s Guide for more information about O365 syncs.

Share this article: Twitter reddit