Quantcast
Channel: Directory integration services - Recent Threads
Viewing all 3141 articles
Browse latest View live

Cutover errors

September 29, 2014, 4:01 am
$
0
0

Hi,

We have got couple errors which got mailbox failed during migration,

1 tenant : 2 domain verified

mummy.in (on premise exchange server 2010) cutover migration has been completed

domain.in (already in cloud)

Error 1 : The operation couldn't be performed because object username@mummy.local' couldn't be found on 'HKNPR03B00235DH.APCPR04AP3.prod.outlook.com'.

Need answer for this.

 

Error 2 : A different type of Active Directory object already exists for "Mark.Nicolas@mummy.in" in the target forest. Please verify that the SMTP address is correct.

 

Need answer for this.

Error 3 : The name "James.Andrew" is already being used. Please try another name.


 We found that James.andrew was already in O365 portal with different domain eg : james.andrew@domain.in (we have 2 domains verified in single tenant domain.in and mummy.in). In this case what should I do? do I need to delete the user from the portal or any workaround?? can't we have a user who actually have 2 mail id in two different domain with same display name and email address??

 

Error 4 : AutoDiscover failed with a configuration error: The migration service failed to detect the migration endpoint using the Autodiscover service. Please enter the migration endpoint settings or go back to the first step and retry using the Autodiscover service. Consider using the Exchange Remote Connectivity Analyzer (https://testexchangeconnectivity.com) to diagnose the connectivity issues.

 

For the above error what should Needs to done? I can able to see the failed users in portal also?

 

Please help!!

 

Regards,
Sivaraman NR

Search

Dirsync and moving to new domain

October 16, 2014, 1:13 am
$
0
0

Hi,

I have a customer with approx. 50 users who is on SBS 2003 and Exchange 2003 currently. We are going to migrate them to Office 365 via the cutover method with no Dirsync.

After this we are going to deploy a new server for this customer in an new domain with new user accounts for these fitly users.

Once this is done I want to sync the new users with the Mailboxes already in Office365 for password synchronisation.

How would Link these new accounts with the existing mailboxes?

Thanks

Mark

Is there a way to sync exchange mail-contacts?

October 16, 2014, 1:52 am
$
0
0

I am doing a (hybrid) migration where we have a lot of mail-contacts in exchange that forwards mail to the contacts external mail-address.

Is there a way to sync/migrate these mail-contacts to Office 365? - All of them have an AD-user on-prem, but no mailbox, so it doesnt really help me to sync the local AD-user?

-Do i have to export the mail-contacts from exchange and import them manually, or is there a away to do this properly via dirsync or migration tools?

Not all Groups are synchronized to Azure

October 16, 2014, 8:05 am
$
0
0

Hello,

In my Environment i have installed Dirsync and all Users are synced successfully, Yesterday i added an OU with groups to synchronize them too.

2 days later I see that only 3 Groups where synchronized. There are no errors.???

kind regards

Windows Credential Manager Linking to Online ID (O365 Possible)?

October 16, 2014, 11:00 am
$
0
0

I am trying to work out a solution for a subset of users who have workgroup joined computers. I am trying to link the O365 login to the Windows login. I can do this for LiveID via Credential Manager. I cannot use my O365 credentials to link it to Windows credentials. I think this is due to one way forest trust between O365 and LiveID (MSN). I am looking for a solution where users can use a single login for Windows and O365. SSO is not an option due to workgroup and not being domain joined. I need to solve this problem for Windows 7 and 8.

Match On-prem AD user with a Cloud Identity

October 16, 2014, 2:19 pm
$
0
0

Hi,

One of our customers deployed Office 365 a long time ago only with SharePoint Online subscriptions, without syncronization with their local AD. Now they want integration because of an Exchange and Lync deployment.

Question is: Is there a way to match the Cloud identity with the one that will be synced? The customer has sites in SharePoint with a well defined hierarchy and user permision, so they're afraid of losing it after AD Sync. I went through the documentation and found the SMTP Matching KB that applies for Exchange Online (http://support2.microsoft.com/kb/2641663?wa=wsignin1.0), but I haven't found any regarding an existing  SharePoint Online deployment.

Regards,

Nicolás.

 

Can Litigation hold be enabled via DirSync of msExchELCMailboxFlags attribute?

October 16, 2014, 1:23 pm
$
0
0

I'm trying to determine if it is possible / supported practice to set a user for litigation hold where:

- Dirsync is in use

- The user's mailbox is on Office365

Considering that DirSync syncs the necessary attributes:  msExchECLMailboxFlags, msExchLitigationHoldOwner and msExchLitigationHoldDate,

would it be possible to set Litigation holds by setting these attributes in our on premises AD directory and letting them sync to MSOL?

Will Dirsync update O365 Azure AD to log out a user provided the Federated user`s password changed?

October 16, 2014, 3:33 pm
$
0
0

Experts,

Issue: Will Dirsync update O365 Azure AD to log out a user provided the Federated user`s password changed from Onpremise AD.

I guess Dirsync should provide an update.

However would like to know will it do it immediately or only when the next schedule sync cycle on dirsync?

To elaborate - 

Environment:

Domain: Federated

ADFS 2.0

Dirsync (No password sync)

User A accessing SharePoint Online from Browser, active session on user`s personal laptop.

Domain AD policy - Password has expired and user changes the password from his corporate laptop.

However user can still access SharePoint Online on his personal laptop.

Thus after how many minutes will it take before the user session running on personal laptop is been asked to re -authenticate.

Moreover update to the Azure AD for a change in the user object will be provided by Dirsync. However we have not set Dirsync to sync password.

Thus how O365 session understand for there is a change in the user credentail, is it by Dirsync or some other service?

Hope my question is clear to understand, based on the scenario.

Dematri

Search

Cached user, can't sign out of different account

October 9, 2014, 10:42 am
$
0
0

For some reason I cannot log into another account. When I sign in I put in the email and hit tab, it says taking me to organization sign in page and never gives me a chance to actually sign into a seperate account but just throws me into the old one. Is there a place where these credentials are being stored where I would be able to change them? I have cleared my cache and history numerous times and have no idea what is causing this to happen.

Hybrid Exchange Environment -- Free/Busy info share problem.

October 2, 2014, 2:40 pm
$
0
0

On a recently configured Exchange 2010 hybrid environment, all functional aspects of the environment working correctly.  I can send mail in either direction between on-premises and Exchange Online users.  The synced users show up correctly in the address books.  I had no errors when I completed the hybrid configuration wizard.  I have run through the Microsoft Free/Busy troubleshooting tools and all looks to be working correctly.

However, when I run the Test-FederatedTrust on a user in either location the first five test complete successfully, but the last test fails.  Looks like this:

RunspaceId : 
Id : TokenRequest
Type : Error
Message : Failed to request delegation token.

I've tried to delete and recreate the federated trust and everything work fine following the recreation, but I continue to get this one error which I believe is the reason that the Free/Busy information is not being shared.  Any suggestions on further troubleshooting or a way to resolve this?

ProvisioningStatus = Error

September 24, 2014, 4:53 am
$
0
0

Dear All,

I have a user whom is migrated from on premise to exchange online using DirSync a while ago.Although she does not have any issues, on Exchange Management Console i can see multiple errors such as " We are preparing a mailbox for this user" and Exchange: Failed to enable the new cloud archive XXXXXXXXX-XXXX-XXXX-XXXXXXXXXX of mailbox XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX because a different archive XXXXXXXXX-XXXX-XXXX-XXXXXXXXXX exists. To enable the new archive, first disable the archive on-premises. After the next Dirsync sync cycle, enable the archive on-premises again.

Exchange: An unknown error has occurred. Refer to correlation ID: XXXXXXXXX-XXXX-XXXX-XXXXXXXXXX

I have run the commands on Azure:

Get-MsolUser -HasErrorsOnly -> this user is listed

(Get-MsolUser -UserPrincipalName User@contoso.com).Licenses[0].ServiceStatus - > I see that EXCHANGE_S_ENTERPRISE (exchange online) licensing has error. 

ServicePlan ProvisioningStatus
----------- ------------------
EXCHANGE_S_ENTERPRISE Error

On EAC i have unchecked the licensing (only EXCHANGE_S_ENTERPRISE) for this user waited couple of minutes and then assigned license in order to re-initiate Provisioning. Status changed to PendingInput. After an hour it came back with error. 

I could not find a solution on the internet for solving the error. Can you please assist me on this? 

Kind Regards

A.Kurtay

Hybrid Deployment - Change virtual directories URLs

October 17, 2014, 12:29 am
$
0
0

Hi all. We are planning to perform an hybrid migration to Exchange Online. Actually, the On-premises infrastructure is based on Exchange 2010 servers (2 CAS/HUB into a NLB and 2 MBX). The hybrid environment scenario will be implemented through a new Exchange 2013 server.

The question is: Must all the client access services (Autodiscover, OWA, ActiveSync, EWS, etc) to be redirected to the hybrid server (new Exchange 2013)? Only some of them?? Or these services must be mantained pointing to Exchange 2010 CAS/HUB NLB? In other words, internalURL and ExternalURL of virtual directories must be changed to Exchange 2013 server?

Thanks in advance!

Office 365 DirSync configuration - keeps "hanging" in step configuring

October 16, 2014, 10:59 pm
$
0
0

We installed DirSync in an environment with a single forerst and multiple domains. The installation went well and we start configuring DirSync. It now is over eight hours in the step configuring and still running. We installed DirSync at other customers without any issue. How can I figure out what is happening or possibly going wrong. In my opinion it should not take that long.

Convert-MsolDomainToFederated - went wrong

October 17, 2014, 8:47 am
$
0
0

Hi,


Had a problem in users experience when rolling out o365 SSO on AD FS 2.0 today.

After executing "Convert-MsolDomainToFederated –DomainName DomainA.com" command, with "DomainA.com" being federated, all the users with status "in cloud" using "DomainA.com" have their authentication redirected to my onpremise AD FS server for authentication. Is this normal ?

Note: had to use "Set-MsolDomainAuthentication -Authentication Managed -DomainName DomainA.com" to revert all users authentication back to cloud authentication, as not all users supposed to authenticate through onpremise AD FS server.


During my testlab setup few months back, when the domain was federated, users with status "in cloud" still have their authentication through cloud authentication. Only users being DirSync-ed (status "sync to ad"), will have their authentication redirected back to onpremise AD FS server.

Is there a change to the architecture of o365 due to AD FS 3.0 ?

Using AD FS 2.0, on DomainA.com, can I have some users with status "in cloud" to authenticate through cloud, while some users being DirSync-ed (status "sync to ad") to authenticate through onpremise AD FS server ?


Please advise.

Much appreciated. Thanks.

Regards,

CH

Need some clarification with cutover migration and AD Sync

October 17, 2014, 8:20 am
$
0
0

We are testing out the Exchange Online service with just a couple users, so we have not set up AD Sync. I have a series of related questions that I am having trouble finding a specific answer online, and also that I cannot test until after AD Sync is set up. Below is our setup and my questions:

Our Active Directory domain is "abc.com". It is only used for Active Directory. Our email domain is "xyz.com".

Currently for our testers, the login on Office 365 is their xyz.com account.

After a cutover migration and AD Sync, what will the username "domain" for logging in be? Will it be abc.com or xyz.com?

Running Outlook 2007 on the desktops, and obviously don't want users to have to login to Outlook every time they start up, nor do we want them to have to change their Outlook password when they change their AD password. Will they need to login upon creation of the new profile, or will the credentials be able to pass from the current logged in user of "abc.com" to the mail account of "xyz.com"?

Likewise, will they be prompted to change their "Outlook" password after they change their local Active Dir abc.com password?

Thanks

Search

IMAP to 365 Migration - When to Install and Use DirSync

October 17, 2014, 11:24 am
$
0
0

I am getting ready to do an IMAP to 365 migration for about 50 users.. They have local AD but use 3rd party for hosted pop/imap email.. 

I know when doing a cutover Exchange migration Microsoft says to not install DirSync until after the migration..

What is the process for installing DirSync when doing an IMAP migration?

Thank you.

DirSync is synching, but no licenses applied

October 3, 2014, 7:06 am
$
0
0

The whole point behind DirSync, I thought, was to allow easy management of users in Office365 tenants.  I've finally gotten DirSync to automatically add users, but they show up in Office365 as unlicensed.  I can see no way to have them automatically licensed with our Office365 licensing.  I can't even do it manually.  There are groups, but I have no option to assign licenses by group.  If you can't do that, why even support groups in the Office365 admin center?  All I can do is select all the users on the current view (which can't be increased beyond showing only 20 users), and then manually licensing them.  So I have to go through my 3000+ users manually - 20 at a time - and grant them access to our Office365 licenses.  Then I have to manually assign licenses to future unlicensed users every time I make an addition to my on-premises directory.  To me, this isn't living up to the promise that I was sold when DirSync was promoted to me by the Office365 team.  There has to be a way for DirSync to be a viable tool for enterprise admins without having to have a degree in coding to use PowerShell (don't get me started on PowerShell).  So the question here is how am I supposed to get my users in the tenant automatically licensed when they're synced over from my on-premises A.D. environment?

DirSync failing in Parent and Child domains

October 14, 2014, 1:13 pm
$
0
0

Hi there,

I'm seeing some odd issues with DirSync and Migrations so I'm wondering if the 2 are related. We have a parent domain, for example, domain.com, then we have 3 child domains, say a.domain.com, b.domain.com & c.domain.com.

 When I run start-onlinecoexistencesync as my account (member of Enterprise Admins and Domain Admins of the parent & child domains) then DirSync runs as expected. However, when it runs automatically with the MSOL_dd000000000 account then I get failures on all domains with the following message:

Error 8344 Insufficient access rights to perform the operation

I'm also seeing the following error when trying to set up the migration endpoint:

We couldn't detect your server settings. Please enter them. The ExchangeRemote endpoint settings could not be determined from the autodiscover response. No MRSProxy was found running at mail.domain.com

I'm wondering if this is because of the DirSync error (I was reading that write back errors can cause unexpected problems with Exchange Online). I We are running an F5 that had SSL offloading turned on, but we've disabled this and allowed traffic for the MRS through to the Exchange servers, so I'm not sure if something is not quite right with the F5, or if it is related to the DirSync errors.

Has anyone run into this before?


Thanks

DirSynced user showed in O365 Admin Console but not showed in Exchange online GAL

October 13, 2014, 5:55 am
$
0
0

I have a hybrid environment. All on-prem users were synchronized to O365 and I can see all of them in O365 Admin Portal. But one specific on-prem user can't be found in Exchange online GAL and all Exchange Online users who send mail to his mailbox will get NDR. But everything is fine in on-prem environment (Ex2010 SP3 RU7). All on-prem users  can send and receive mail from him without problem and they can see this person in on-prem Exchange 2010 GAL...


Need help to troubleshoot this issue.

Active directory sharepoint sync

October 14, 2014, 3:56 am
$
0
0

Hi There,

We have set up Active Directory, and already have a medium sized business office 365 account that we are already using.

My problem is, we have used Dirsync to eventually sync all users of sharepoint across to AD and the same vice versa.

I created a user yesterday and pushed the sync to SharePoint, but the user is not able to log into sharepoint using the details I supplied in AD.

Also I created a user in share point then created the same user in AD and this user cannot log in or be found in the share with option on a site.

Both users are in active users on SharePoint and also both state that they are "synced with Active directory"

Where have I gone wrong??

Any help would be appreciated.

Dean

Viewing all 3141 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>