+ Post New Thread
Results 1 to 10 of 10
Cloud Services Thread, Office 365 Initial Dirsync task in Technical; I need some help! I started to setup O365 to migrate my Exchange 2007 users over to. I ran through ...
  1. #1

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Office 365 Initial Dirsync task

    I need some help!

    I started to setup O365 to migrate my Exchange 2007 users over to. I ran through instructions to get ADFS installed and then Dirsync. That went well and I saw all my users in O365, of course with no mailboxes. Then came the bit where I needed to do a cutover migration and it wouldn't let me as I had already run Dirsync.

    Turning the Directory Sync off in the O365 console, I deleted all my user accounts and removed them from the deleted too. Run and completed the cutover, put O365 live and it is working with ADFS okay.

    Back to Dirsync - run through the setup again and it started to do the initial sync between my AD and O365. I spotted things I didnt like the look of and it is here that I have stopped the sync, mid process.


    The question is: after a cutover where mailboxes are created and then running Dirsync, what do the terms "Deletes" and "Deleted Connectors" mean? What I am worried about happening is it wiping out my existing data and creating empty users. It seems to suggest deleting my current users as the numbers are the same. Could it be related to me deleting the original set before the cutover?


    Staging shows 'Deletes' 800+ users
    Inbound Synchronization shows 'Deleted Connectors' 800+ users
    Outbound Synchronization shows Export Attribute Flow and Provisioning Adds and 800+ too.


    Anyone knows what this means? I can't let this complete without some ideas first. Have I missed something? I never run the script to convert on-prem users to mail enabled users as I always thought the users were mail enabled.

  2. #2

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Convert Exchange 2007 mailboxes to mail-enabled users after a staged Exchange migration - Email and calendar - Microsoft Office 365 Community - Microsoft Office 365 Community

    This may be my issue, the conversions to MEU's not being done. It's not exactly that clear with all the MS posts around O365 and nothing seems definite. If anyone has done this, can they confirm that after a cutover migration, you converted the maiboxes. If only everything MS did was simple...

  3. #3

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,343
    Thank Post
    624
    Thanked 1,584 Times in 1,421 Posts
    Rep Power
    414
    @EduTech may be able to help.

    Ben

  4. Thanks to plexer from:

    MrBrow (24th April 2014)

  5. #4

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Hi,

    I am not sure what state your directory sync management agents are in, as I assume you would have stopped this in the middle of one of the Run Jobs so it's some what hard to say. In terms of the "Deletes & Deleted Connectors" this pretty much tells you what has been picked up from your On-Premise Directory Store and it will basically set a deletion in the metaverse.

    Outbound Synchronization shows Export Attribute Flow and Provisioning Adds and 800+ too

    From this, it looks like you have 800+ objects waiting to be added to Windows Azure Active Directory if your outbound synchronization stats are for that MA.

    ----

    If you launch a Powershell console, connect to Office 365 Service and then run the following command for some of your users

    Get-MsolUser -UserPrincipalName someone@contoso.com | select DisplayName, UserPrincipalName, ImmutableID

    Do all of your users have a value set for ImmutableID?

    ... if you are un-sure you could probably get away with just doing a FULL SYNC for both MA's this should tie things back up {even more so if the ImmutableID value has already being set}

    Let me know if you want to have a chat.... hard to advise without knowing everything about your environment and the state it's currently in.

    Thanks,
    James.

  6. Thanks to EduTech from:

    MrBrow (24th April 2014)

  7. #5

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi James,

    I appreciate the reply. I did stop the job part way through, actually when the Dircync was in it's staging process. To me it looked like it scanned AD and was attempting to match up accounts, decided that the accounts were already present and then was going to recreate all users with blank mailboxes. This could be extremely far fetched but reading other forum posts, that's way Dirsync comes across. This would be the 2nd full sync I started, the first being run before I did the 'Cutover' then I binned them all and migrated the mailboxes. Now I am back to the sync again. Between the 2 different jobs and what I have read, I am not entirely sure what it's actually trying to do.

    To you, does it seems like it will be deleting the previous users from its local DB and then creating new ones or starting a fresh with all loud accounts? I cant see what to expect from any first sync that is run. Woudl it match all and 'updates' only appear after a match has been completed in the first instance?

    O365 is live and everything is migrated over. ADFS is setup and working great, i am just left with the Dirsync to get sorted now.


    I will install the tools needed to run the powershell in a bit (not on site currently with my usual machine) and then take a look at the output. Can I just confirm that with a Cutover, am I expected to convert local mailboxes to MEU's? I need to do something with Exchange in the near future and there is differing thoughts on if a server is to remain local or not. I cant see the need to have the console local if I can do everything I expect to configure from PS, remotely.

    Thanks for the thoughts so far!

  8. #6

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Hi,

    Because you have the users already provisioned in Windows Azure Active Directory *(O365)* then what will happen is directory sync will soft-match to the accounts and set the Immutable ID etc. If the accounts in Office 365 are not already in a stage where they are Synced with Active Directory then it most definitely won't delete the accounts.

    If you are unsure, If I was you I would set the next job to do a FULL SYNC to do this launch regedit and browse to the following key

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSOLCoExiste nce

    Set the FullSyncNeeded DWORD to a value of 1

    Then you just need to launch the DirSyncConfigShell.psc1 and type Start-OnlineCoexistenceSync

    This should then sort things out for you, review the report and resolve any issues that are flagged with account soft-matches or/ duplicates etc.

    I hope that helps,

    James.

  9. #7

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Easter has been getting in the way and a very busy first half of the week. James, thanks for the update. I need to attempt this tomorrow so will try the reg change. I suspect the existing db contain the first sync data still so it was just flushing the old data out.

  10. #8

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Actually going back to the original response, if the 'ImmutableID' is not set and returns empty, does that suggest nothing has been set and no matches have occurred yet? It seems all users show blank ImmutableID's still.

  11. #9

    EduTech's Avatar
    Join Date
    Aug 2007
    Location
    Reading
    Posts
    5,047
    Thank Post
    160
    Thanked 913 Times in 716 Posts
    Blog Entries
    3
    Rep Power
    271
    Quote Originally Posted by MrBrow View Post
    Actually going back to the original response, if the 'ImmutableID' is not set and returns empty, does that suggest nothing has been set and no matches have occurred yet? It seems all users show blank ImmutableID's still.
    If your users do not have an ImmutableID value, and Directory Sync Tool has completed then

    - You will have errors in Directory Sync Tool stating that duplicate's have been found in Azure AD and so therefore it has been unable to perform a soft-match.

    ... check your log's to see what errors you have back after the FULL IMPORT FULL SYNC Run Job completed.

    James.

  12. #10

    Join Date
    Nov 2011
    Location
    Southampton
    Posts
    23
    Thank Post
    4
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Update:

    Ensured registry was changed, actually uninstalled and removed all folders so that any db was removed. Installed and run Dirsync and it now shows link to local AD. ImmutableID is now set. Done a test AD description change and it appears on Azure AD/O365. It did copy a new user across from local AD to Azure AD but created a contact rather than a mailbox, which is not ideal. Looking into that now as it is no good as it is. The existing users seem to be okay though.

    So all good, apart from that small issue above. Well done and thank you, James.

SHARE:
+ Post New Thread

Similar Threads

  1. Office 365 DirSync - STOPPED-SERVER-DOWN
    By mbedford in forum Cloud Services
    Replies: 14
    Last Post: 3rd June 2014, 04:14 PM
  2. Replies: 1
    Last Post: 1st April 2014, 01:15 PM
  3. Office 365 DirSync loses connection
    By Marshall_IT in forum Cloud Services
    Replies: 0
    Last Post: 31st July 2013, 11:45 AM
  4. DirSync will break when your Office 365 admin password expires
    By AngryTechnician in forum Cloud Services
    Replies: 0
    Last Post: 24th June 2013, 10:17 AM
  5. PSA: DirSync & Password Sync now available for Office 365
    By jamesbmarshall in forum Cloud Services
    Replies: 31
    Last Post: 19th June 2013, 04:01 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •