Directory Synchronization & Active Directory User Account Enablement

Posted on Updated on

Hi all, in testing I’ve found a few interesting things in how DirSync V1 (BPOS) and DirSync V2 (O365) work in regards to on-premises Active Directory User Accounts’ being either set as –Enabled or –Disabled.

BPOS

In BPOS, DirSync pulls the User enablement setting (Account Enabled/Disabled) and push that across via DirSync as the following (isDisabled):  So if you enable/disable AD users, your corresponding online users will receive the same setting.

Note that if you have a Disabled user in AD, you CAN go into BPOS MOAC and enable the user

Office 365

In O365, DirSync will pull the same information, however the Attribute Name used is a bit different (accountEnabled):  Whatever is set in AD will be pushed into the cloud the same as the BPOS DirSync V1 application:

Note –  You are not able to go into the MOP and re-enable the user, like you could do in BPOS MOAC.  In O365, if you want to enable the synchronized user, you must enable them on-premisesNote the Set Sign-In Status section, which is read-only!!

Whatcha thinkin?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s