Month: June 2012
Hi all, in testing I’ve found a few interesting things in how DirSync V1 (BPOS) and DirSync V2 (O365) work in regards to on-premises Active Directory User Accounts’ being either set as –Enabled or –Disabled.
In BPOS, DirSync pulls the User enablement setting (Account Enabled/Disabled) and push that across via DirSync as the following (isDisabled): So if you enable/disable AD users, your corresponding online users will receive the same setting.
Note that if you have a Disabled user in AD, you CAN go into BPOS MOAC and enable the user
In O365, DirSync will pull the same information, however the Attribute Name used is a bit different (accountEnabled): Whatever is set in AD will be pushed into the cloud the same as the BPOS DirSync V1 application:
Note – You are not able to go into the MOP and re-enable the user, like you could do in BPOS MOAC. In O365, if you want to enable the synchronized user, you must enable them on-premises. Note the Set Sign-In Status section, which is read-only!!
For those Mac users in Office 365, you may find that your SharePoint online document check-in/check-out operations are extremely slow and sometimes fail to complete. MacAfee has reported that due to the way in which their anti-virus service works along with the way in which multiple files are downloaded during the check-out/check-in process, performance at this time degrades significantly, as explained below.
Note – It has been reported that disabling the service did NOT resolve this issue and users had to uninstall the MacAfee anti-virus application to resolve this issue. MacAfee is currently working on this issue and if you need to continue using this anti-virus solution, please contact MacAfee to determine if a fix is available.
For those BPOS customers who are using a Droid Mobile device and the default mail client, you will find that your mail client is NOT able to be redirected to the moved mailbox, which is now in Exchange Online 365. To resolve this issue, please use the following:
Admins who may be fighting with Office 365 Directory Synchronization and not getting their on-premises Groups to synchronize into the cloud…this one is for YOU! Directory Synchronization V2 now checks for the existence of the Active Directory displayName attribute and value before it will synchronize the group and its members into the cloud.
To get these groups to properly sync, simply go into Active Directory Users and Computers (ADUC) and populate the group with a displayName and force a DirSync run operation. Once completed you will now find your Group listed in either the Microsoft Online Portal (MOP) for Security Groups or the EXO365 Exchange Control Panel (ECP) for Distribution Groups.
For those administrators going through the BPOS to Office 365 Transition, there are a few Active Directory (If using Directory Synchronization) and BPOS attributes that need to be reviewed. These attributes and values are very important in terms of how they will be seen and possibly changed once you start running DirSync V2 against Office 365.
Active Directory into BPOS uses the AD users Primary SMTP to synchronize the user and stamp their UPN and SMTP address(es). This is performed via the DirSync V1 operation when communicating with BPOS. Once a BPOS tenant has been Transitioned into Office 365, the administrator must uninstall DirSync V1 and install and use DirSync V2, which will run against Office 365. DirSync V2 has different logic which now splits out the SMTP and UPN as separate and distinct attributes and values. On-premises Active Directory UPN flows as UPN and SMTP address(es) flow as SMTP address(es).
When you run DirSync V2 for the 1st time, a Full Synchronization is performed and will find all online users and find a match with the on-premises Active Directory users, and this is called a Soft-Match, based on on-premises AD and online user SMTP addresses. HOWEVER DirSync will compare the on-premises user’s proxyAddresses list against the online users proxyAddress list and IF the on-premises Primary SMTP address (i.e. SMTP:firstname.lastname@example.org, smtp:email@example.com) is different than the online users proxyAddress Primary SMTP, then the online user’s Primary SMTP address WILL BE CHANGED to what is set as Primary within the customer’s Active Directory.
- On-Premises: SMTP:firstname.lastname@example.org
- Online: SMTP:user.lastName@contoso.com
RESULTS = This user’s Primary SMTP address WILL CHANGE to email@example.com once DirSync V2 is run. The end user may not realize this is happening, as they will be sending mail and not realize they are sending as a different address. At some point a respondent may ask “Is this you? Your email is different”, which tips them off that something has changed.
- After activating BPOS users, have you gone into the user’s settings and changed either their UPN or SMTP address, using either MOAC or PowerShell?
- If yes, then you will need to review this users on-premises Active Directory UPN and SMTP address(es) and either change the AD settings or modify the online user’s settings to align with what is set within BPOS. The reason for this is to make sure that when DirSync V2 is run that no attributes and values will change.
- If no, you should still review your Active Directory and verify whether user’s UPN and SMTP align and are the same. This is a very important task, as users will use a single name for email, login and instant messaging and aligning these properties will make it much easier for end users.
For those of you who use Exchange Online 365 and Outlook for your day-to-day messaging needs, you may have found a cap of 128k worth of rules that can be processed. This size comes from the size of the Outlook .rwz file which holds your Outlook rules. As you start to create additional rules, the size of this file will grow and once you have reached ~128k, any rules created after that will not fire/work. To reduce the size of this file and by extension be able to run a larger amount of rules, you can use the following approach, which significantly reduces the size of the rules, which mean more rules can be created and used:
- When creating Outlook rules, when prompted to browse to select a user alias/DL, etc MANUALLY type the alias
- When you browse and select a user/group, the entire Distinguished Name (DN) is used and populated into the .rwz file, which significantly increases the file size, thus limiting the amount of entries you can have/use.
Great article on how you can use Office 2003 with Office 365. As you may already know Outlook 2003 can be used with Exchange Online 365, however it can only be used with the POP3 or IMAP4 & SMTP protocols. this is because of the way Outlook 2003 leverages MAPI and RPC/HTTP, so a decision was made to support Outlook 2003 but only for these down-level protocols. So if you are using Office 2003 and Office 365, this is a great article on what you can expect with regards to your usage experience: