Home  |  Service Status  |  Team Blog  |  Forums
Outlook Web App > For Exchange Online Administrators > Outlook Live for Live@edu > Implement Outlook Live Directory Sync for Live@edu > Deploy Outlook Live Directory Sync for Live@edu >

Prepare Your On-Premises Organisation for OLSync

Applies to: Live@edu

Topic last modified: 2011-12-02

 

Dd490633.important(en-GB,EXCHSRVCS.140).gifImportant:
Outlook Live Directory Sync (OLSync) is the synchronisation solution for Microsoft Live@edu customers. If you are running a cloud-based email service with Microsoft Office 365 for enterprises, you must use the Microsoft Online Services Directory Synchronisation tool to synchronise your directories.

Before you install and configure Outlook Live Directory Sync (OLSync), you have to install Forefront Identity Manager (FIM) 2010 or Microsoft Identity Lifecycle Manager (ILM) 2007 Feature Pack 1 (FP1). FIM 2010 requires a 64-bit operating system and the 64-bit version of OLSync. ILM 2007 requires a 32-bit operating system and the 32-bit version of OLSync.

Also, we recommend that you create a test organisational unit in your on-premises provisioning domain where you can create test users for the initial OLSync synchronisation.

Here are the steps to prepare your on-premises organisation.

  1. Set up the computer that will run OLSync
  2. Install FIM 2010 or ILM 2007
  3. Create a test organisational unit in the on-premises domain (optional)
  4. Create test accounts in the on-premises forest (optional)

Other things you should know:

1. Set up the computer that will run OLSync

In addition to FIM 2010 or ILM 2007 FP1, the computer running OLSync must meet the requirements in OLSync Prerequisites.

2. Install FIM 2010 or ILM 2007

FIM 2010

To install FIM 2010, see FIM 2010 Installation Guide. You only need to install the FIM 2010 Synchronisation Service.

For optimal performance, follow these best practices when you install and configure SQL Server:

  1. Install SQL Server and FIM 2010 on a computer with at least 1 gigabyte (GB) of memory. We recommend that you run SQL Server and ILM 2007 on a computer with 2 GB of memory
  2. Run SQL databases locally, not remotely.
  3. Separate the SQL database and transaction log files to different hard drives. These drives should also be separate from the boot and system drives.

For more recommendations about how to optimise FIM 2010 for OLSync, see Outlook Live Directory Sync Best Practices.

ILM 2007 FP1

ILM 2007 FP1 is no longer available for purchase.

Important   The requirements for OLSync are more stringent than the ILM 2007 requirements. Specifically, as noted in step 1, OLSync requires the Windows Server 2008 Enterprise operating system and SQL Server 2005 SP2 or later.

For optimal performance, follow these best practices when you install and configure SQL Server:

  • Install SQL Server and ILM 2007 on a computer with at least 1 GB of memory. We recommend that you run SQL Server and ILM 2007 on a computer with 2 GB of memory.
  • Run SQL Server 2008 SP1 or SQL Server 2005 SP3. Running OLSync on SQL Server 2008 SP1 or SQL Server 2003 SP3 provides significant performance improvements compared to earlier service packs.
  • Run SQL databases locally, not remotely.
  • Separate the SQL database and transaction log files to different hard drives. These drives should also be separate from the boot and system drives.

For more recommendations about how to optimise FIM 2010 and ILM 2007 for OLSync, see Outlook Live Directory Sync Best Practices.

After you install ILM 2007 FP1, be sure to install the Build 3.3.1101.2 hotfix rollup package and the Identity Lifecycle Manager 2007 FP1 Sync Engine Configuration PowerShell Commandlets. For this release of OLSync, don't install any subsequent ILM 2007 FP1 hotfixes.

Top of page

3. Create a test organisational unit in the on-premises domain (optional)

You can create test users in your default organisational unit, or you can create a test organisational unit.

Before you configure OLSync to synchronise all your on-premises users, create some test accounts in a test organisational unit in your Microsoft Exchange organisation.

When you configure OLSync for the initial synchronisation, you can specify the test organisational unit for synchronisation. If everything synchronises into your Outlook Live domain as expected, you can configure OLSync to synchronise all the users in your on-premise domain or domains.

Top of page

4. Create test accounts in the on-premises forest (optional)

You can run OLSync without creating test accounts in the on-premises forest, but we recommend creating different types of test accounts before you run OLSync.

Create at least one mail user, one mail contact, one mailbox, one dynamic distribution group and one distribution group in the test organisational unit.

To test the full range of OLSync functionality in an on-premises Microsoft Exchange organisation, consider creating the following matrix of test accounts. If you don't have Microsoft Exchange installed on-premises, you can only create test user accounts. For more information about these configurations, including how Windows Live ID account names are generated, see the section, "How is each object synchronised," in How Outlook Live Directory Sync Works.

Type of test account Configuration of the test account This account will provision in Outlook Live as:

Mail user

The targetAddress attribute is set to the provisioning domain.

Mailbox

Mail user

The targetAddress attribute is set to an accepted domain in Outlook Live, not the provisioning domain.

Mail user

Mail user

The targetAddress attribute is set to an external domain that isn't an Outlook Live accepted domain.

External contact

Mail contact

The targetAddress attribute is set to an accepted domain in Outlook Live, not the provisioning domain.

Mail user

Mail contact

The targetAddress attribute is set to an external domain that isn't an Outlook Live accepted domain.

External contact

Mailbox user

The primary SMTP address is set to any accepted domain in Outlook Live.

Mail user

Distribution group

The primary SMTP address is set to any accepted domain in Outlook Live.

Mail user

Dynamic distribution group

The primary SMTP address is set to any accepted domain in Outlook Live.

Mail user

Security distribution group

The primary SMTP address is set to any accepted domain in Outlook Live.

Mail user

If the primary SMTP address of an on-premises group does not match an accepted domain in Outlook Live, then the group will be synchronised as an external contact.

Top of page

How do I set the targetAddress attribute on a specific account type?

That depends on if you have Microsoft Exchange deployed in your on-premises Active Directory Domain Services (AD DS) or Active Directory directory service. The following sections explain how to set the attribute for each on-premises scenario.

No Microsoft Exchange - AD DS or Active Directory only

If Microsoft Exchange isn't installed, the Active Directory schema doesn't contain a targetAddress attribute. Instead, the user attribute, mail, is used to hold the email address.

Account type How to set the mail attribute:

User
  1. Create a user in Active Directory Users and Computers.
  2. After you have created the user, right-click the user object and enter the email address in the Email field on the General tab of the user property page.

Microsoft Exchange Server 2003

You have to create mail users and mail contacts, which are called contacts in Exchange 2003, by using Active Directory Users and Computers on a computer where the Exchange Management tools have been installed.

Account type How to set the targetAddress attribute:

Mail user
  1. Create users in Active Directory Users and Computers, but don't give the user a mailbox when you run the New Object - User wizard.
  2. After you have created the user, right-click the user object and select Exchange Tasks.
  3. In the Exchange Task Wizard, select Establish Email Address. The email address you enter in the wizard sets the targetAddress attribute.

Mail contact

When you create a contact in the New Object - Contact wizard, select the option, Create an Exchange email address. The email address you enter in the wizard sets the targetAddress attribute.

Exchange Server 2007 and Exchange Server 2010

Use the Exchange Management Console or Exchange Management Shell to create mail users and mail contacts.

Account type How to set the targetAddress attribute:

Mail user
  • In the Exchange Management Console, when you create a new mail user, you can enter an optional External email address at the end of the New Mail User wizard. The value you enter for the External email address sets the targetAddress attribute.
  • In the Exchange Management Shell, use the ExternalEmailAddress parameter on the New-MailUser cmdlet to set the targetAddress attribute.

Mail contact
  • In the Exchange Management Console, when you create a new contact, the address that you enter for External email address sets the targetAddress attribute.
  • In the Exchange Management Shell, use the ExternalEmailAddress parameter on the New-MailContact cmdlet to set the targetAddress attribute.

Top of page

How do I set the primary SMTP address on a specific account type?

When you create a mailbox, distribution group, or dynamic distribution group, the default email address that you configure on the object is the primary SMTP address. If you have more than one SMTP address configured on a given object, you have to configure one of them as the primary SMTP address. The following sections explain how to set the primary SMTP address for each on-premises scenario.

Exchange Server 2003

You have to create mail users and mail contacts, which are called contacts in Exchange 2003, by using Active Directory Users and Computers on a computer where the Exchange Management tools have been installed.

Account type How to set the primary SMTP address:

Mailbox and distribution group
  1. Open the mailbox or distribution group property page in Active Directory Users and Computers, and click the Email Addresses tab.
  2. Click New to open the New Email Address dialogue box. Click SMTP Address, and then click OK.
  3. In the Internet Address Properties dialogue box, enter the primary email address, and then click OK.
  4. On the Email Addresses tab, select the SMTP address that you just added, and then click Set As Primary.
  5. Clear the ticl box next to Automatically update email addresses based on recipient policy, and click OK.

Exchange Server 2007 and Exchange Server 2010

Use the Exchange Management Shell to set the primary SMTP address on existing mail recipients.

Account type How to set the primary SMTP address:

Mailbox

In the Exchange Management Shell, use the PrimarySmtpAddress parameter on the Set-Mailbox cmdlet.

Distribution group

In the Exchange Management Shell, use the PrimarySmtpAddress parameter on the Set-DistributionGroup cmdlet.

Dynamic distribution group

In the Exchange Management Shell, use the PrimarySmtpAddress parameter on the Set-DynamicDistributionGroup cmdlet.

Top of page

Read more