A default project template ensures that all required information is added in One Identity Manager. This includes mappings, workflows, and the synchronization base object. If you do not use a default project template you must declare the synchronization base object in One Identity Manager yourself.
Use a default project template for initially setting up the synchronization project. For custom implementations, you can extend the synchronization project with the Synchronization Editor.
The project template uses mappings for the following schema types.
Table 24: Exchange Online schema type mapping
|
DistributionGroup |
O3EDL |
|
DynamicDistributionGroup |
O3EDynDL |
|
Mailbox |
O3EMailbox |
|
MailContact |
O3EMailContact |
|
MailPublicFolder |
O3EMailPublicFolder |
|
MailUser |
O3EMailUser |
|
MobileDeviceMailboxPolicy |
O3EMobileDeviceMBPolicy |
|
OWAMailboxPolicy |
O3EOwaMailboxPolicy |
|
PublicFolder |
O3EPublicFolder |
|
RetentionPolicy |
O3ERetentionPolicy |
|
RoleAssignmentPolicy |
O3ERoleAssignmentPolicy |
|
SharingPolicy |
O3ESharingPolicy |
|
UnifiedGroup |
O3EUnifiedGroup |
The following table describes permitted editing methods of Exchange Online schema types and names restrictions required by system object processing.
Adding and deleting user mailboxes can only be done in One Identity Manager through assignment subscriptions in Azure Active Directory. This creates a mailbox that does not appear in the database until it has been synchronized. Afterward, it can be provisioned automatically in Exchange Online.
Table 25: Methods available for editing schema types
|
Public folder (PublicFolder) |
Yes |
No |
No |
No |
|
Mail-enabled public folder (MailPublicFolder) |
Yes |
No |
No |
No |
|
Policy for role assignment (RoleAssignmentPolicy) |
Yes |
No |
No |
No |
|
Mailbox policy for mobile devices (MobileDeviceMailboxPolicy) |
Yes |
No |
No |
No |
|
Sharing policy (SharingPolicy) |
Yes |
No |
No |
No |
|
Retention policy (RententionPolicy) |
Yes |
No |
No |
No |
|
Outlook Web App mailbox policy (OWAMailboxPolicy) |
Yes |
No |
No |
No |
|
Mail user (MailUser) |
Yes |
Yes |
Yes |
Yes |
|
Mail contact (MailContact) |
Yes |
Yes |
Yes |
Yes |
|
Mailbox: resource mailbox (Mailbox) |
Yes |
Yes |
Yes |
Yes |
|
Mailbox: shared mailbox (Mailbox) |
Yes |
Yes |
Yes |
Yes |
|
Mailbox: user mailbox (Mailbox) |
Yes |
No |
No |
Yes |
|
Mailbox: calendar settings (Mailbox) |
Yes |
Yes |
Yes |
Yes |
|
Mailbox: statistics (Mailboxstatistics) |
Yes |
Yes |
Yes |
Yes |
|
Mail-enabled distribution mailbox (DistributionGroup) |
Yes |
Yes |
Yes |
Yes |
|
Dynamic distribution group (DynamicDistributionGroup) |
Yes |
No |
Yes |
Yes |
|
Office 365 group (UnifiedGroup) |
Yes |
Yes |
Yes |
Yes |
The following settings are configured for the system connection with the Exchange Online connector.
Table 26: Exchange Online connector settings
| User name |
Fully qualified name (FQDN) of the user account and password for logging in to Exchange Online.
Example:
<user>@<domain.com>
sync.user@yourorganisation.onmicrosoft.com
Variable: CP_Username |
| Password |
The user account’s password.
Variable: CP_Password |
| Use local server time for the revision |
Revision filtering data
If the value is True, the local server time of the server is used for revision filtering. (default) This makes it unnecessary to load target system object for determining the revision. If the value is false, the change time stamp of the underlying Azure Active Directory objects are used for revision filtering.
Variable: CP_UseLocalServerTimeAsRevision |
| Max. time difference (local/remote) in minutes |
Revision filtering data
Defines the maximum time difference in minutes between the synchronization server and the Exchange Online server. The default value is 60 minutes. If the time difference is more than 60 minutes, alter the value.
Variable: CP_LocalServerRevisionMaxDifferenceInMinutes |
|
Max. concurrent connections |
Maximum number of connections that can be used concurrently. The value must be between 1 and 20.
Default value: 2
Variable: CP_ConnectionPoolSize |
| Definition of Windows PowerShell commands |
You can use this setting to adjust the definition used by the connector in order to convert inputs and outputs between the Exchange Online Cmdlets and the schema of the Synchronization Engine.
IMPORTANT: You should only make changes to the connector definition with the help of support desk staff. Changes to this setting will have wide ranging effects on synchronization and must be made carefully. |
