One Identity Manager 8.0
One Identity Manager 8.0
Extensions for Supporting SharePoint Online
The necessary database extensions for mapping a SharePoint Online system to the One Identity Manager database are in this SharePoint Online Module. The installation adds new tables and their associated relations. The SharePoint Online connector and a default project template are installed.
Topics:
Advice for synchronizing SharePoint Online objects
Advice for synchronizing SharePoint Online objects
Take the following into account when synchronizing SharePoint Online objects:
- The mapping for SharePoint Online objects is part of the SharePoint Online project template. SharePoint Online objects are synchronized using the SharePoint Online connector.
-
You require an administrative user account of the associated Azure Active Directory organization.
NOTE: This user account must be entered as the site collection administrator in all the site collections to be managed. You do this in SharePoint Online.
To find the name of the Azure Active Directory organization
- Log in to the Office 365 Admin Portal.
- Select Domains in the menu under Setup category on the left-hand side.
- The organization name is part of the domain name. For example: "<organization name>.onmicrosoft.com".
User and password are login data of the Azure Active Directory organization administrator's user account. The user name is, in this case, the email address: <user name>@<organization name>.onmicrosoft.com.
-
When you initially set up the system connection for SharePoint Online synchronization using the Synchronization Editor, the synchronization user must be one of the site collections administrators to be managed in SharePoint Online. This must also be an Azure Active Directory administrator.
- Synchronization must take place in the following order:
- Azure Active Directory.
- SharePoint Online.
Advice for mapping SharePoint Online objects
Advice for mapping SharePoint Online objects
SharePoint Online objects are user accounts, groups, site collections, sites, roles and role assignments.
The SharePoint Online Module permits reading, adding, deleting and editing of SharePoint Online objects in the Manager as laid down in the following table.
| Type | Read | Insert | Delete | Change |
|---|---|---|---|---|
| Tenant | Yes | No | No | No |
| Site collection | Yes | No | No | No |
|
User account |
Yes | Yes | Yes | Yes |
| Group | Yes | Yes | Yes | Yes |
| Site | Yes | No | No | Yes |
| Role | Yes | Yes | Yes | Yes |
| Role assignment | Yes | No | No | Yes |
Possible error when synchronizing SharePoint Online
Possible error when synchronizing SharePoint Online
Problem
Synchronization of SharePoint Online quits while loading site collections.
Cause
The synchronization user is not entered as a SharePoint Online administrator in all the site collections being synchronized and has insufficient permissions to access these site collections. There is no default user in SharePoint Online.
Solution
Exclude any site collections that do not have a synchronization user or have a synchronization user that is not entered as an administrator in SharePoint Online.
To exclude site collections from the scope of a SharePoint Online synchronization project.
- Open the Synchronization Editor.
- Select the category Configuration | Target systems.
- Select the Scope view.
- Click Edit scope. A list of site collections appears on the right-hand side.
- Select only those site collections in the list, whose synchronization user corresponds to the administrator in SharePoint Online.