Chat now with support
Chat with Support

Active Roles 8.0 LTS - Synchronization Service Administration Guide

Synchronization Service Overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with an OpenLDAP directory service Working with IBM RACF connector Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Configuring data synchronization with the Office 365 Connector
Creating a Microsoft 365 connection Viewing or modifying a Microsoft 365 connection Microsoft 365 data supported for data synchronization
ClientPolicy object attributes supported for Microsoft 365 data synchronization ConferencingPolicy object attributes supported for Microsoft 365 data synchronization Contact object attributes supported for Microsoft 365 data synchronization DistributionGroup object attributes supported for Microsoft 365 data synchronization Domain object attributes supported for Microsoft 365 data synchronization DynamicDistributionGroup object attributes supported for Microsoft 365 data synchronization ExternalAccessPolicy object attributes supported for Microsoft 365 data synchronization HostedVoicemailPolicy object attributes supported for Microsoft 365 data synchronization LicensePlanService object attributes supported for Microsoft 365 data synchronization Mailbox object attributes supported for Microsoft 365 data synchronization MailUser object attributes supported for Microsoft 365 data synchronization PresencePolicy object attributes supported for Microsoft 365 data synchronization SecurityGroup object attributes supported for Microsoft 365 data synchronization SPOSite object attributes supported for Microsoft 365 data synchronization SPOSiteGroup object attributes supported for Microsoft 365 data synchronization SPOWebTemplate object attributes supported for Microsoft 365 data synchronization SPOTenant object attributes supported for Microsoft 365 data synchronization User object attributes supported for Microsoft 365 data synchronization VoicePolicy object attributes supported for Microsoft 365 data synchronization Microsoft 365 Group attributes supported for Microsoft 365 data synchronization Changing the display names of synchronized Microsoft 365 licenses and services
Objects and attributes specific to Microsoft 365 services How the Office 365 Connector works with data
Configuring data synchronization with the Microsoft Azure AD Connector Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use
About scenarios Scenario 1: Create users from a .csv file to an Active Directory domain Scenario 2: Use a .csv file to update user accounts in an Active Directory domain Scenario 3: Synchronizing data between One Identity Manager Custom Target Systems and an Active Directory domain Scenario 4: Deprovisioning between One Identity Manager Custom Target Systems and an Active Directory domain Scenario 5: Provisioning of Groups between One Identity Manager Custom Target Systems and an Active Directory domain Scenario 6: Enabling Delta Sync mode between One Identity Manager Custom Target Systems and an Active Directory domain Example of using the Generic SCIM Connector for data synchronization
Appendix A: Developing PowerShell scripts for attribute synchronization rules Appendix B: Using a PowerShell script to transform passwords

Objects and attributes specific to Microsoft 365 services

When configuring the O365 connection settings, you can select the Microsoft 365 services you want to work with, such as SharePoint Online, Exchange Online, or Microsoft Teams.

The following table describes the object types and attributes that become available in the Active Roles Synchronization Service Console when you select a particular check box in the connection settings.

NOTE: The objects and object attributes that are not mentioned in the following table are always available in the Active Roles Synchronization Service Console.

Table 111: Objects and attributes specific to Microsoft 365 services

Check box

Related objects

Related attributes

SharePoint Online

SPOSiteGroup

All

SPOWebTemplate

All

SPOTenant

All

Exchange Online

Contact

All

DistributionGroup

All

DynamicDistributionGroup

All

User

Manager

Microsoft Teams

ClientPolicy

All

ConferencingPolicy

All

ExternalAccessPolicy

All

HostedVoicemailPolicy

All

VoicePolicy

All

PresencePolicy

All

User

  • AudioVideoDisabled
  • ClientPolicy
  • ConferencingPolicy
  • Enabled
  • EnterpriseVoiceEnabled
  • ExchangeArchivingPolicy
  • ExternalAccessPolicy
  • HostedVoicemailPolicy
  • LineURI
  • LineServerURI
  • PresencePolicy
  • PrivateLine
  • RegistrarPool
  • RemoteCallControlTelephonyEnabled
  • SipAddress
  • VoicePolicy

How the Office 365 Connector works with data

To read and write data in Microsoft 365, the Office 365 Connector relies on the cmdlets of the following Windows PowerShell modules:

  • Microsoft Azure Active Directory Module for Windows PowerShell (previously known as Microsoft Online Services Module for Windows PowerShell)

  • PowerShell Module for Microsoft Teams

  • SharePoint Online Management Shell.

As a result, the connector can only work with data supported by the cmdlets of these PowerShell modules.

NOTE: Due to its reliance of the above PowerShell modules, the Office 365 Connector cannot read or write the data of:

  • Objects written to Microsoft 365 by the Microsoft Azure Active Directory Sync tool.
  • Password hashes.

Configuring data synchronization with the Microsoft Azure AD Connector

With the Microsoft Azure AD Connector, you can configure data synchronization connections toward Microsoft Azure Active Directory (Azure AD).

The Microsoft Azure AD Connector supports the following features:

Table 112: Supported features

Feature

Supported

Bidirectional synchronization

Specifies whether you can both read and write data in the connected data system.

Yes

Delta processing mode

Specifies whether the connection can process only the data that has changed in the connected data system since the last synchronization operation. This reduces the overall synchronization duration.

No

Password synchronization

Specifies whether you can synchronize user passwords from an Active Directory (AD) domain to the connected data system.

No

Secure Sockets Layer (SSL) data encryption

Specifies whether the connector can use SSL to encrypt data transmitted between Active Roles Synchronization Service and the connected data system.

Yes

Configuring a Microsoft Azure AD connection

To create a connection to Microsoft Azure Active Directory (Azure AD) with the Microsoft Azure AD Connector, you must perform two procedures:

  1. Configure Active Roles Synchronization Service as an Azure application in your Microsoft Azure AD organization. For more information on this procedure, see Configuring the Microsoft Azure AD Connector as an Azure application for data synchronization.

  2. Configure the Microsoft Azure AD Connector in the Active Roles Synchronization Service console. For more information, see Creating a connection with the Microsoft Azure AD Connector.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating