Directory Sync Lite Attribute Scope by Action

This is a list of the attributes by AD object type that are set or modified during the various stages an object will go through during its Migration life cycle. The list below references the Active Directory attribute by name. Integration and Integration Pro license types are required for Directory Sync Lite. Click here for more details on all the Directory Sync Lite Eligible Attributes.

 

What AD Attributes are set or modified during Power365 Integration Project?

Power365 Directory Sync Lite is limited on what attributes it will set during an operation. The following information provides a list of example attributes that are set or modified during the different Power365 actions taken against a user. There are 3 steps or actions that all users will go through for an Integration or Pro licensed project.

  1. Prepare
  2. Sync (Provisioning)
  3. Cutover

Each section below covers these different states for each object created or modified, listing the AD attributes touched during the process. Power365 DS Lite is restricted to the mandatory user attributes and Exchange Mail Recipient related attributes. The Exchange attributes must be added to the local AD schema prior to implementation. See the prerequisites guide for more information.

 

What happens during Prepare?

The first step in an Integration Project is to prepare your users for coexistence or the tenant-to-tenant integration phase of the migration project. During prepare a user is created or converted to a Mail-Enabled User. While a mail-enabled user, the target user does not require an Office 365 license. Prepare will also create a corresponding Mail Contact and set various properties required to control mail routing, free/busy requests and visibility in the Global Address Lists. After the “Prepare” step is complete on all users within scope, the coexistence phase is almost ready. To find out more about Prepare see the Power365 Quick Start Guide.

 

Example of a User Object created in the Target AD during Prepare

This example represents a user object created or updated during the Prepare process. During this step the user is created or updated, mail-enabled and finally hidden from the global address lists.

samAccountName = J.Smith

adminDescription = Created By Power365 Directory Sync

objectClass = user

userAccountControl = 512

unicodePwd = ****

mail = Smith.Jack@TwoFishTrust.com

userPrincipalName = J.Smith@TwoFishTrust.com

displayName = Jack Smith

givenName = Jack

sn = Smith

msExchHideFromAddressLists = TRUE

showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com

showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com legacyExchangeDN = /o=TFT/ou=External (FYDIBOHF25SPDLT)/cn=Recipients/cn=2bdf9b30-0c1f-4bd2-951f-3fef0af9dad8

msExchPoliciesExcluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}

msExchRecipientTypeDetails = 128

msExchRecipientDisplayType = 6

mailNickname = J.Smith

targetAddress = SMTP:Smith.Jack@OneFishBank.com

proxyAddresses = SMTP:Smith.Jack@TwoFishTrust.com

 

Example of a Contact Object created in Target AD during Prepare

This example represents a mail contact object created during the Prepare process, representing the source mailbox. This mail contact is displayed in the GAL and allows existing target users to send email and retrieve availability information from the source users.

adminDescription = Created By Power365 Directory Sync

objectClass = contact

msExchHideFromAddressLists = FALSE

showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com

showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=TFT,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=TFT,DC=com

displayName = Jack Smith

givenName = Jack

sn = Smith

targetAddress = SMTP:Smith.Jack@OneFishBank.com

mail = Smith.Jack@OneFishBank.com

mailNickname = J.Smith

legacyExchangeDN = /o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef

msExchRecipientDisplayType = 6

msExchRecipientTypeDetails = 64

msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}

proxyAddresses = SMTP:Smith.Jack@OneFishBank.com

proxyAddresses = smtp:bcce8a99-f891-4701-be1c-06a9ed6b1d1d-C8-1-BT@TwoFishTrust.mail.onmicrosoft.com

 

What happens during the first Sync?

The next step for any user during a migration project is to begin staging data in their destination mailbox for a later cutover event. After which they will use the new target mailbox exclusively. During the first sync job scheduled or requested, the Sync process will provision a remote mailbox and license the user for Exchange Online. Since a mailbox is now in place, we also set the Forwarding address to direct any new mail destined for this mailbox to be sent to the source user’s mailbox until the cutover. During the Sync phase, the user will remain in this state until updated during cutover. Multiple sync jobs typically follow once the first sync or initial sync job is completed. For a more information, here is a diagram of the first sync process.

 

Example of a User Object modified in the Target AD during Provisioning

This example represents a user object updated during the Provisioning process. During this step the user is converted to a hidden remote mailbox. Once these attribute changes are synchronized to Azure AD, this hidden remote mailbox allows Power365 to begin pre-staging data to the target mailbox for migration purposes. The ForwardingSMTPAddress parameter is set on the cloud mailbox to forward any incoming mail for that target address prior to cutover to the existing source mailbox. The target user will also be assigned an Office 365 license based on the Migration Profile assigned.

userAccountControl (Replace) = 512

msExchRecipientTypeDetails (Replace) = 2147483648

msExchRecipientDisplayType (Replace) = -2147483642

msExchRemoteRecipientType (Replace) = 3

msExchPoliciesIncluded (Replace) = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}

msExchPoliciesExcluded (Delete)

targetAddress (Replace) = SMTP:J.Smith@TwoFishTrust.mail.onmicrosoft.com

proxyAddresses (Replace) = x500:/o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=b8ddf35c90b44c3a909fedc3d42574eb-Jack Smith

proxyAddresses (Replace) = SMTP:Smith.Jack@TwoFishTrust.com

proxyAddresses (Replace) = smtp:J.Smith@TwoFishTrust.mail.onmicrosoft.com

msExchArchiveName (Replace) = Online Archive - Jack Smith

msExchArchiveGuid (Replace) = ec1a0bdd-229d-4422-9dfc-9cf012b4bfe9

 

What happens during User Cutover?

The final step a user must complete within a migration project is to be cutover to the destination mailbox and Office 365 tenant. After which they can use the new target mailbox exclusively. During the cutover job both the source and target managed objects will be modified to enforce mail routing and continue to allow mail to flow while the original domain remains in the source tenant. Once the user cutover is complete, the user is not modified again, except in the case of a Domain Cutover, where Power365 will update the state of the user based on the domain move process. For more information, here is a related diagram of the user cutover process.

 

Example of a User Object modified in the Target AD during Cutover

This example represents a user object modified during the cutover process. During this step the existing mailbox user that was created or updated previously by P365 Directory Sync Lite is now changed so that it is displayed in the GAL and the original legacyExchangeDN value from the Mail Contact is set as an X500 proxyaddresses value. In addition, the source legacyExchangeDN address is added as an x500 proxy alias. This will ensure reply-ability when using Outlook’s recently cached contacts.

msExchHideFromAddressLists (Replace) = FALSE

proxyAddresses (Replace) = smtp:J.Smith@TwoFishTrust.mail.onmicrosoft.com

proxyAddresses (Replace) = x500:/o=ExchangeLabs/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=b8ddf35c90b44c3a909fedc3d42574eb-Jack Smith

proxyAddresses (Replace) = SMTP:Smith.Jack@TwoFishTrust.com

proxyAddresses (Replace) = x500:/o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef

 

Example of a Contact Object modified in Target AD during Cutover

This example represents a mail contact object modified during the cutover process. During this step the existing mail contact that was created by P365 Directory Sync is modified so that it is hidden from the GAL and the legacyExchangeDN value is replaced with a new one. This is done so that the original value can be applied to the Target Mailbox’s proxyaddresses as an X500.

legacyExchangeDN (Replace) = /o=TFT/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=970b809e-a8d0-4896-ac0e-964def6422ef-5570 msExchHideFromAddressLists (Replace) = TRUE

 

Example of a User Object modified in the Source AD during Cutover

This example represents a user object modified during the cutover process. Once the mailbox is hidden, Power365 will set mail store and forwarding, so that new mail is delivered to the target mailbox.

adminDescription (Replace) = Updated By Power365 Directory Sync

msExchHideFromAddressLists (Replace) = TRUE

 

Example of a Contact Object created in Source AD during Cutover

This example represents a mail contact object created during cutover representing the target mailbox user. This mail contact is displayed in the source tenant’s GAL and allows remaining source users to send email and retrieve availability information from the target (migrated) users.

adminDescription = Created By Power365 Directory Sync

objectClass = contact

msExchHideFromAddressLists = FALSE

showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com

showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com

displayName = Jack Smith

givenName = Jack

sn = Smith

targetAddress = SMTP:Smith.Jack@TwoFishTrust.com

mail = Smith.Jack@TwoFishTrust.com

mailNickname = J.Smith

legacyExchangeDN = /o=OFB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=6e37e326-007c-4068-a39e-d5de499f629a

msExchRecipientDisplayType = 6

msExchRecipientTypeDetails = 64

msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}

proxyAddresses = SMTP:Smith.Jack@TwoFishTrust.com

proxyAddresses = smtp:b12ffdfb-49ee-4cb3-b332-1aedf73df8d5-C16-BT@OneFishBank.mail.onmicrosoft.com

 

What attributes are impacted by Address Book (GAL) Sync?

The attributes covered above do not account for all eligible attributes related to Address Book Sync (GAL Sync) actions or processes. Click here for more details on all the Directory Sync Lite Eligible Attributes around GAL Sync.

 

Example of Contact Object created in Source or Target AD during Address Book Sync

This example represents a created mail contact object during Address Book Sync representing either the source or target mailbox or mail-enabled user.

adminDescription = Created By Power365 Directory Sync

objectClass = contact

msExchHideFromAddressLists = FALSE

showInAddressBook = CN=All Users,CN=All Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com

showInAddressBook = CN=Default Global Address List,CN=All Global Address Lists,CN=Address Lists Container,CN=OFB,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=OFB,DC=com

displayName = Test MailUser

givenName = Test

sn = MailUser

targetAddress = SMTP:testmailuser@twofishtrust.com

mail = testmailuser@twofishtrust.com

mailNickname = TestMailUser

legacyExchangeDN = /o=OFB/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d34992e4-5e94-454b-ae23-781b4d235d39

msExchRecipientDisplayType = 6

msExchRecipientTypeDetails = 64

msExchPoliciesIncluded = {26491CFC-9E50-4857-861B-0CB8DF22B5D7}

proxyAddresses = SMTP:testmailuser@twofishtrust.com

proxyAddresses = smtp:260f2ed4-83fd-4d65-9e17-fffdfd6e7178-C16-BT@OneFishBank.mail.onmicrosoft.com

l = City

co = United States

company = TFT

department = Dept

mobile = 555-965-5225

physicalDeliveryOfficeName = 555-965-5225

postalCode = 55555

st = ST

streetAddress = 1234 Street

telephoneNumber = 555-965-5225

title = Senior Title

 

Additional Information

Directory Sync Lite Eligible Attributes

Power365 Quick Start Guide

Prerequisites Guide

First Sync

User Cutover