Tchater maintenant avec le support
Tchattez avec un ingénieur du support

Active Roles 8.1.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector Objects and operations supported by the SCIM Connector Example of using the Generic SCIM Connector for data synchronization
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

Considerations for creating objects in SharePoint

When creating objects in SharePoint, consider the following:

  • RoleAssignment object: To create this object, you must populate the value of the Member attribute for the object. Since Member is a reference attribute, you can only populate its value by configuring a value generation rule. For more information about value generation rules, see Using value generation rules.

  • Site object: To create this object, you must populate the values of attributes URL and Owner for the object.

Working with Microsoft 365

To create a connection to Microsoft 365, you need to use Synchronization Service in conjunction with a special connector called Microsoft Office 365 Connector. This connector is included in the Synchronization Service package.

The Office 365 Connector supports the following features:

Table 73: Office 365 Connector – Supported features

Feature

Supported

Bidirectional synchronization

Specifies whether you can both read and write data in the connected data system.

Yes

Delta processing mode

Specifies whether the connection can process only the data that has changed in the connected data system since the last synchronization operation. This reduces the overall synchronization duration.

No

Password synchronization

Specifies whether you can synchronize user passwords from an Active Directory (AD) domain to the connected data system.

Yes

Secure Sockets Layer (SSL) data encryption

Specifies whether the connector can use SSL to encrypt data transmitted between Active Roles Synchronization Service and the connected data system.

Yes

Creating a Microsoft Office 365 connection

With the Office 365 Connector, you can configure data synchronization connections for the Microsoft 365 service.

NOTE: To use the Microsoft Office 365 Connector, the Azure BackSync application requires a minimum set of permissions and roles for implementing automatic permission and role assignment in Active Roles Synchronization Service.

In the Azure portal, set the following privileges for the user account you use to configure Azure BackSync:

  • Exchange Administrator

  • Directory Writers

To create a new connection

  1. Make sure that the software specified in the System Requirements section of the Active Roles Release Notes is installed on the computer on which you plan to use the Office 365 Connector.

  2. In the Synchronization Service Console, open the Connections tab.
  3. Click Add connection, then use the following options:
    • Connection name: Type a descriptive name for the connection.
    • Use the specified connector: Select Office 365 Connector.

  4. Click Next.

  5. On the Specify connection settings page, use the following options:
    • App ID: Copy the ID of the Azure BackSync application from the Microsoft Azure Portal.

    • Client secret: Enter the ID of the Azure BackSync application from the Microsoft Azure Portal.

    • Proxy server: Specify if you want to use a proxy server for the connection. You can select one of the following options:

      • Use WinHTTP settings: Causes the connector to use the proxy server settings configured for Windows HTTP Services (WinHTTP).

      • Automatically detect: Automatically detects and uses proxy server settings.

      • Do not use proxy settings: Specifies to not use proxy server for the connection.

    • Test Connection: Click this button to verify the specified connection settings.
  6. Click Finish to create a connection to Microsoft 365.

Modifying a Microsoft Office 365 connection

You can view or modify an existing connection based on the Office 365 Connector with the Active Roles Synchronization Service Console. Modifying an Office 365 Connector connection is typically required if any change occurs in the Microsoft 365 service of your organization to which the Active Roles Synchronization Service connection was originally configured.

NOTE: To use the Microsoft Office 365 Connector, the Azure BackSync application requires a minimum set of permissions and roles for implementing automatic permission and role assignment in Active Roles Synchronization Service.

In the Azure portal, set the following privileges for the user account you use to configure Azure BackSync:

  • Exchange Administrator

  • Directory Writers

To modify connection settings

  1. In the Synchronization Service Console, open the Connections tab.
  2. Click Connection settings below the existing Office 365 connection you want to modify.

  3. On the Connection Settings tab, click the Specify connection settings item to expand it and use the following options:

    • App ID: Copy the ID of the Azure BackSync application from the Microsoft Azure Portal.

    • Client secret: Enter the ID of the Azure BackSync application from the Microsoft Azure Portal.

    • Proxy server: Specify if you want to use a proxy server for the connection. You can select one of the following options:

      • Use WinHTTP settings: Causes the connector to use the proxy server settings configured for Windows HTTP Services (WinHTTP).

      • Automatically detect: Automatically detects and uses proxy server settings.

      • Do not use proxy settings: Specifies to not use proxy server for the connection.

    • Test Connection: Click this button to verify the specified connection settings.
  4. When you are finished, click Save.

Documents connexes

The document was helpful.

Sélectionner une évaluation

I easily found the information I needed.

Sélectionner une évaluation