立即与支持人员聊天
与支持团队交流

Active Roles 8.1.1 - Synchronization Service Administration Guide

Synchronization Service overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported with built-in connectors
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Oracle Database Working with Oracle Database user accounts Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Working with Micro Focus NetIQ Directory Working with Salesforce Working with ServiceNow Working with Oracle Unified Directory Working with an LDAP directory service Working with an OpenLDAP directory service Working with IBM DB2 Working with IBM AS/400 Working with IBM RACF Working with MySQL database Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft 365 Working with Microsoft Azure Active Directory Configuring data synchronization with the SCIM Connector Configuring data synchronization with the Generic SCIM Connector Objects and operations supported by the SCIM Connector Example of using the Generic SCIM Connector for data synchronization
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Developing PowerShell scripts for attribute synchronization rules Using PowerShell script to transform passwords

SPOWebTemplate object attributes

Table 90: SPOWebTemplate attributes

Attribute

Description

Supported operations

CompatibilityLevel

Gets the compatibility level of the web template.

Read

Description

Gets the description of the web template.

Read

DisplayCategory

Gets the name of the category to which the web template belongs.

Read

LocaleID

Gets the Locale ID (LCID) of the web template.

Read

Name

Gets the name of the web template.

Read

ObjectID

Gets the unique object identifier (GUID).

Read

Title

Gets the title of the web template.

Read

SPOTenant object attributes

Table 91: SPOTenant attributes

Attribute

Description

Supported operations

ExternalServicesEnabled

Gets or sets the maximum compatibility level for new sites.

Read, Write (update only)

MinCompatibilityLevel

Gets or sets the minimum compatibility level for new sites.

Read, Write (update only)

NoAccessRedirectUrl

Gets or sets the redirect URL for the SPOSite object whose LockState attribute value is set to NoAccess.

Read, Write (update only)

ObjectID

Gets the unique object identifier (GUID).

Read

ResourceQuota

Gets or sets the server resource quota available to the organization.

Read, Write (update only)

ResourceQuotaAllocated

Gets or sets the server resource quota limit for the organization.

Read, Write (update only)

StorageQuota

Gets or sets the storage quota available to the organization.

Read, Write (update only)

StorageQuotaAllocated

Gets or sets the storage quota limit for the organization.

Read, Write (update only)

User object attributes

The Office 365 Connector provides the following attributes for the User object in Microsoft 365:

  • Attributes Related to License Plans and Services

  • Other attributes

Attributes Related to License Plans and Services

These attributes allow you to get or set the license plans and services available to the user in Microsoft 365. The attributes support Read and Write operations.

The names and display names of these attributes are formed dynamically according to the following patterns:

Table 92: Naming patterns for attributes

Item

Naming pattern

Examples

Attribute display name

<LicensePlanNameOnGUI> - <ServiceNameOnGUI>

In this pattern:

LicensePlanNameOnGUI is the license plan name as it is displayed on the Microsoft 365 user interface.

ServiceNameOnGUI is the service name as it is displayed below the corresponding license plan on the Microsoft 365 user interface.

Microsoft 365 Plan E3 - Office Web Apps

Microsoft 365 Plan K2 - Exchange Online Kiosk

Attribute name

<LicensePlanName>-<ServiceName>

In this pattern:

LicensePlanName is the license plan name in the form used by the Microsoft 365 cmdlets for Windows PowerShell.

ServiceName is the service name in the corresponding license plan. The service name is displayed in the form used by the Microsoft 365 cmdlets for Windows PowerShell.

ENTERPRISEPACK-SHAREPOINTWAC

DESKLESSWOFFPACK-EXCHANGE_S_DESKLESS

These attributes can take one of the following values:

  • True: Specifies that the service is selected in the corresponding license plan in Microsoft 365.

  • False: Specifies that the service is selected in the corresponding license plan in Microsoft 365.

If necessary, you can modify the display names of Microsoft 365 license plans and services that appear in the Synchronization Service Console. These display names are part of the Office 365 Connector schema and saved in the O365LicensePlansServices.xml file located in the Synchronization Service installation folder (by default, this is %ProgramFiles%\One Identity\Active Roles\7.4\SyncService).

For example, you may need to modify the name of a license plan or service in the Office 365 Connector schema when the corresponding name changes in the Microsoft 365 user interface and therefore the related attribute display name becomes outdated in the Synchronization Service Console.

To modify the display names of attributes in the Office 365 Connector schema

  1. Open the O365LicensePlansServices.xml file located in the Synchronization Service installation folder.

  2. In the appropriate XML elements, modify the values of the PlanDisplayName and ServiceDisplayName attributes as necessary. See the table below for more information about the XML elements used in the file.

  3. When you are finished, click OK.

Table 93: XML elements

XML element

Description

Example

<Plan>

Defines the name and display name of the attribute related to a particular Microsoft 365 license plan in the Office 365 Connector schema.

This element has the following attributes:

  • PlanName: The license plan name in the form used by the Microsoft 365 cmdlets for Windows PowerShell.

  • PlanDisplayName: The license plan name as it displays in the Synchronization Service Console.

<Plan PlanName="STANDARDPACK" PlanDisplayName="Microsoft Office 365 Plan E1"/>

<Service>

Defines the name and display name of the attribute related to a particular Microsoft 365 service in the Office 365 Connector schema.

This element has the following attributes:

  • ServiceName: The service name in the form used by the Microsoft 365 cmdlets for Windows PowerShell.

  • ServiceDisplayName: The service name as it displays in the Synchronization Service Console.

<Service ServiceName="OFFICESUBSCRIPTION" ServiceDisplayName="Office Professional Plus" />

Other attributes
Table 94: Other attributes

Attribute

Description

Supported operations

AllowUMCallsFromNonUsers

Gets or sets whether to exclude or include the user in directory searches.

This attribute can take one of the following values:

  • None: Specifies to exclude the user from directory searches.

  • SearchEnabled: Specifies to include the user in directory searches.

Read, Write

AlternateEmailAddresses

Gets or sets the alternate email addresses of the user.

Read, Write

AssistantName

Gets or sets the name of the user’s assistant.

Read, Write

BlockCredential

Gets or sets whether or not the user can sign in and use Microsoft 365 services.

This attribute can take one of the following values:

  • TRUE: Specifies that user’s Microsoft Online Services ID is disabled and the user cannot sign in and use Microsoft 365 services.

  • FALSE (default): Specifies that user’s Microsoft Online Services ID is enabled and the user can sign in and use Microsoft 365 services.

Read, Write

City

Gets or sets the user’s city.

Read, Write

Company

Gets or sets the name of user’s company.

Read, Write

Country

Gets or sets the user’s country.

Read, Write

CountryOrRegion

Gets or sets the country or region of the user.

Read, Write

Department

Gets or sets the user’s department.

Read, Write

DisplayName

Gets or sets the display name of the user.

Read, Write

Fax

Gets or sets the user’s fax number.

Read, Write

FirstName

Gets or sets the first name of the user.

Read, Write

ForceChangePassword

Gets or sets whether or not the user is forced to change their password the next time the user signs in to Microsoft 365.

  • TRUE: Specifies that the user must change their password the next time the user signs in to Microsoft 365.

  • FALSE (default): Specifies that the user does not have to change their password the next time the user signs in to Microsoft 365.

Write

NOTE: To write data by using this attribute, you must at the same time write data by using the Password attribute.

HomePhone

Gets or sets the home phone number of the user.

Read, Write

ImmutableId

Gets or sets the GUID of the user in Microsoft 365.

This GUID is used to verify the identity of the Active Directory user when the user accesses Microsoft 365 by using single sign-on.

Note that in order the Office 365 Connector could read the ImmutableId attribute value stored in Microsoft 365, that value must be in base64 encoding format. If the ImmutableId attribute value has any other encoding format, the Office 365 Connector returns an error when reading that value.

Read, Write

Initials

Gets or sets the initials of the user.

Read, Write

LastName

Gets or sets the last name of the user.

Read, Write

LiveID

Gets the user’s unique login ID.

Read

MailboxId

Gets the GUID of the user’s mailbox.

Read

Manager

Gets or sets the name of the user’s manager.

Read, Write

MobilePhone

Gets or sets the user’s mobile phone number.

Read, Write

Name

Gets or sets the name of the user.

Read, Write

Notes

Gets or sets notes about the user.

Read, Write

ObjectID

Gets the unique object identifier (GUID).

Read

Office

Gets or sets the user’s office.

Read, Write

OtherFax

Gets or sets the alternate fax number of the user.

Read, Write

OtherHomePhone

Gets or sets the alternate home phone number of the user.

Read, Write

OtherTelephone

Gets or sets the alternate phone number of the user.

Read, Write

Pager

Gets or sets the pager of the user.

Read, Write

Password

Sets a password for the user.

Write

PasswordNeverExpires

Gets or sets whether or not the user’s password periodically expires.

This attribute can take one of the following values:

  • TRUE (default): Specifies that the user’s password never expires.

  • FALSE: Specifies that the user’s password periodically expires.

Read, Write

Phone

Gets or sets the phone number of the user.

Read, Write

PhoneNumber

Gets or sets the user’s phone number.

Read, Write

PhoneticDisplayName

Gets or sets a phonetic pronunciation of the value specified in the DisplayName attribute for the user.

Read, Write

PostalCode

Gets or sets the user’s postal code.

Read, Write

PostOfficeBox

Gets or sets the post office box number of the user.

Read, Write

PreferredLanguage

Gets or sets the preferred language for the user.

Read, Write

RemotePowerShellEnabled

Gets or sets whether remote Windows PowerShell cmdlets are available to the user.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

ResetPasswordOnNextLogon

Gets or sets whether the user must reset their password at next logon.

This attribute can take one of the following values:

  • TRUE

  • FALSE

Read, Write

SimpleDisplayName

Gets or sets an alternate description of the user in a situation where a limited set of characters is allowed.

The limited set of characters includes ASCII characters from 26 to 126.

Read, Write

State

Gets or sets the state where the user is located.

Read, Write

StateOrProvince

Gets or sets the state or province of the user.

Read, Write

StreetAddress

Gets or sets the user’s street address.

Read, Write

Title

Gets or sets the user’s title.

Read, Write

UMDtmfMap

Gets or sets whether to create a user-defined DTMF map for the user if it has Unified Messaging enabled.

Read, Write

UsageLocation

Gets or sets the two-letter ISO country designation. This attribute specifies the user’s country where services are consumed.

Read, Write

UserPrincipalName

Gets or sets the user’s Microsoft Online Services ID.

Read, Write

WebPage

Gets or sets the web page address of the user.

Read, Write

WindowsEmailAddress

Gets or sets the email address of the user stored in Active Directory.

Read, Write

VoicePolicy object attributes

Table 95: VoicePolicy object attributes

Attribute

Description

Supported operations

Anchor

Gets the Anchor property value of the policy.

Read

Description

Gets the policy description.

Read

Identity

Gets the unique identifier assigned to the policy.

Read

Members

Gets the users who have been assigned the policy.

Read

ObjectID

Gets the unique object identifier (GUID).

Read

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级