Friday, July 12, 2013

Office365 DIRSYNC Password Sync Scenario

This entry demonstrates a successful implementation of DIRSYNC with Password Sync.

Step 1:
First, you need to install the DIRSYNC version that was released on June 21, 2013. If you are not sure which version you are currently running, see http://aerobatgeek.blogspot.ca/2013/07/office365-dirsync-versions.html
Note that in order to be successful, you will need to uninstall any previous version, and be sure to reboot after the uninstall.

Step 2:
Install DIRSYNC, including Password Sync. I will leave the details to other posts.
Remember to reboot after the install.
Also, it is my advice to NOT select "Synchronize Now". You should set the scope first.
 
For instructions on how to limit the scope of which accounts are Synced from AD, see post http://aerobatgeek.blogspot.ca/2013/07/office365-dirsync-how-to-set-partition.html

Step 3:
Once the scope has been selected (in my case a single OU), you can trigger a manual DIRSYNC.
On the DIRSYNC server, launch PowerShell with elevated privileges.
Load the snap-in that provides the cmdlet by typing the following:

PS C:\Windows\system32> Add-PSSnapin Coexistence-Configuration

Then type:

PS C:\Windows\system32> Start-OnlineCoexistenceSync

If you launch miisclient, you will see the synchronization events.

Step 4: Look in the Event Viewer to see if the passwords were synced.
Notice Event IDs 656 and 657, and then 653 and 654, indicating a fully successful sync.

Step 5:
If the above command does NOT trigger a password sync, you can force one with the following steps:
  • Edit the Registry and set HKLM\SOFTWARE\Microsoft\MSOLCoExistence\PasswordSync\FullSyncRequired = 1
  • Restart the service Forefront Identity Manager Synchronization Service
  • Check the Event Viewer again.
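
The manual trigger, the event check and the forced full sync described above can be run as one script. This is an added example, not part of the original post; it assumes the password sync events land in the Application log, and the timeout and polling interval are constructed values.

```powershell
# Added example: run from an elevated PowerShell prompt on the DIRSYNC server.
# Assumption: the password sync events are written to the Application log.
$expectedIds = 656, 657, 653, 654   # event IDs named in the post
$timeoutSec  = 300                  # constructed value; adjust to your directory size

function Get-MissingPasswordSyncEvent {
    param([datetime]$Since, [int[]]$Ids)
    $filter = @{ LogName = 'Application'; Id = $Ids; StartTime = $Since }
    $seen = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty Id -Unique
    # Return the expected IDs that have not been logged since $Since
    $Ids | Where-Object { $seen -notcontains $_ }
}

function Wait-PasswordSyncEvent {
    param([datetime]$Since, [int[]]$Ids, [int]$TimeoutSec)
    $deadline = (Get-Date).AddSeconds($TimeoutSec)
    do {
        $missing = @(Get-MissingPasswordSyncEvent -Since $Since -Ids $Ids)
        if ($missing.Count -eq 0) { return $true }
        Start-Sleep -Seconds 15
    } while ((Get-Date) -lt $deadline)
    Write-Warning ("Not seen since {0}: event IDs {1}" -f $Since, ($missing -join ', '))
    return $false
}

# Already-loaded snap-in raises a harmless error, so it is silenced here
Add-PSSnapin Coexistence-Configuration -ErrorAction SilentlyContinue
$start = Get-Date
Start-OnlineCoexistenceSync

if (-not (Wait-PasswordSyncEvent -Since $start -Ids $expectedIds -TimeoutSec $timeoutSec)) {
    # Fallback from the post: flag a full password sync, then restart the sync service
    $start = Get-Date
    Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\MSOLCoExistence\PasswordSync' `
        -Name FullSyncRequired -Value 1
    Restart-Service -DisplayName 'Forefront Identity Manager Synchronization Service'
    if (-not (Wait-PasswordSyncEvent -Since $start -Ids $expectedIds -TimeoutSec $timeoutSec)) {
        Write-Error 'Password sync events still missing after forcing a full sync.'
    }
}
```

Only events logged after the trigger time are counted, so entries left over from an earlier sync do not mask a failed run.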

If all of that doesn't work perfectly, see the following:
