To configure a sync workflow to back-synchronize contacts, perform the following steps:
Step 1: Create Connection to Office 365 in the hybrid environment
Create a connection to Office 365 using the Microsoft Office 365 Connector. The configuration requires Microsoft Online Services ID, Password, Proxy server (if required) and Exchange Online services.
NOTE: Back synchronization of contacts uses the Microsoft Office 365 Connector to establish a connection to Office 365. Back synchronization of users and groups uses the Azure AD Connector to establish a connection to Azure AD.
Step 2: Create Connection to Active Roles in the hybrid environment
Create a connection to Active Roles using the Active Roles Connector. The configuration requires the local domain details and Active Roles version used. Define the scope to select the container from which the objects for synchronization must be selected.
Step 3: Create Sync Workflow
Create a Sync Workflow using the Office 365 and Active Roles connections. Add a Synchronization step to Update Office 365 Contacts to Active Roles Contacts. Configure the Forward Sync Rule to synchronize the following:
Step 4: Create Mapping
Create a Mapping Rule that uniquely identifies the contact in Office 365 and in on-premises AD, and map the specified properties from Office 365 to Active Roles appropriately.
- Based on the environment, make sure to create the correct Mapping Rule to identify the contacts uniquely. An incorrect mapping rule may create duplicate objects, and the back-sync operation may not work as expected.
- In Federated or Synchronized environments, Office 365 contact creation is not supported. The contact is created in Active Roles and is eventually synchronized to Office 365 using Microsoft native tools, such as AAD Connect. To manage the Office 365 contact through Active Roles, you must perform periodic back-synchronization to on-premises AD.
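A pre-flight check for the mapping rule warning above, as an added example that is not part of the product or its documentation: it tests whether a candidate mapping attribute identifies each contact uniquely on both sides before the sync workflow is run. The attribute names (mail, displayName), the record layout and the sample contacts are constructed assumptions, and the script only evaluates key uniqueness; it does not model the synchronization engine itself.

```python
from collections import defaultdict

# Constructed sample exports (not real data). Attribute names are assumptions.
O365_CONTACTS = [
    {"id": "c1", "mail": "Ann.Lee@partner.example", "displayName": "Ann Lee"},
    {"id": "c2", "mail": "bob.ray@partner.example", "displayName": "Bob Ray"},
    {"id": "c3", "mail": "cy.dot@partner.example", "displayName": "Ann Lee"},
    {"id": "c4", "mail": "", "displayName": "No Mail"},
]
AD_CONTACTS = [
    {"dn": "CN=Ann Lee,OU=Contacts,DC=corp,DC=example",
     "mail": "ann.lee@partner.example", "displayName": "Ann Lee"},
    {"dn": "CN=Bob Ray,OU=Contacts,DC=corp,DC=example",
     "mail": "bob.ray@partner.example", "displayName": "Bob Ray"},
    {"dn": "CN=Bob R,OU=Old,DC=corp,DC=example",
     "mail": "BOB.RAY@partner.example", "displayName": "Bob R"},
]


def index_by(records, attr):
    """Group records by the normalized value of attr; empty values go under None."""
    groups = defaultdict(list)
    for rec in records:
        value = (rec.get(attr) or "").strip().lower()
        groups[value or None].append(rec)
    return groups


def preflight(cloud, onprem, attr):
    """Classify each cloud contact by how a mapping on attr would resolve it."""
    cloud_idx, ad_idx = index_by(cloud, attr), index_by(onprem, attr)
    report = {"matched": [], "missing_key": [], "ambiguous": [], "unmatched": []}
    for value, recs in cloud_idx.items():
        ids = [r["id"] for r in recs]
        if value is None:
            report["missing_key"] += ids      # no key value: cannot be mapped
        elif len(recs) > 1 or len(ad_idx.get(value, [])) > 1:
            report["ambiguous"] += ids        # key is not unique on one side
        elif value in ad_idx:
            report["matched"] += ids          # exactly one counterpart
        else:
            report["unmatched"] += ids        # no on-premises counterpart
    return report


if __name__ == "__main__":
    for attr in ("mail", "displayName"):
        print(attr, preflight(O365_CONTACTS, AD_CONTACTS, attr))
```

Any contact reported as ambiguous or missing_key indicates that the chosen attribute is not a safe basis for the Mapping Rule in that environment.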
Active Roles 7.4.3 introduces support for the Azure multi-tenant model. Multiple tenants can be configured on the Web Interface. Using this feature, the Azure objects from multiple tenants can be managed from the Web Interface.
The previous custom policies related to Azure Roles and Licenses, and OneDrive are not valid, and the policy evaluation is skipped after an import or upgrade. Active Roles 7.4.3 introduces a new Azure/Office 365 Tenant Management policy that encompasses all the previous Azure-related policies, such as the Azure Roles and Licenses, and OneDrive policies. Configure the latest Azure/Office 365 Tenant Selection policies to proceed further. The Web Interface notifies the user if any older policies are applied on the OU. The deprovisioning policy for Azure license retention is invalid and must be created again and applied. For more information on the new policy, see Office 365 and Azure Tenant Selection.
The Active Roles Web Interface enables you to perform administrative tasks such as create, read, update, deprovision, undo-deprovision, and delete Azure AD users in a hybrid environment. You can also perform other operations, such as adding Azure AD users to and removing them from groups, and assigning Office 365 licenses to users. Some of the user operations can be performed using the Management Shell in addition to the Web Interface. The following section guides you through the Active Roles Web Interface and Management Shell to manage Azure AD users.
Azure AD user management tasks using Web interface
Active Roles web interface enables you to perform the following management tasks for Azure AD users: