
O365 Distribution Group Sync to ARS

I have a bunch of O365 Distribution Groups that I used to bring down into ARS via the sync tool. The issue is whenever I add someone to the group it doesn't update in O365. When I add someone to the managed by field it doesn't update the owner field of the object. I do know if I create a DL in ARS and check the box to create it in Azure, there are no issues. I have over 300 Distribution Groups in O365 that I need to have ARS manage. How can I go about pulling those groups down and have the ability to manage them? Do I have to create a 2-way sync via the sync tool or can I just pull them in and manage them that way? I did make sure that the O365 enabled attribute is set to TRUE as part of the sync.

  • Make sure that you have your back sync configured properly to pull down the object IDs of the groups and populate them into the edsvaAzureObjectID attribute. You also want the sync to set the edsvaAzureOffice365Enabled to TRUE in Active Roles. More details and step-by-step instructions can be found in the KB below:

    support.oneidentity.com/.../video-configure-azure-in-active-roles-7-2-part-2-of-2-

    The reason why this is working if you create the group in ARS is because ARS notes all of this information on its own if the object is created by ARS. If the object was created outside of the product, you will need to use the sync service back sync to populate everything.
  • (my understanding) in ARS 7.2 there are three scenarios possible:
    #1. MSFT Hybrid Mode: MSFT AADConnector syncs on-prem AD/EX - AAD/O365 cloud. ARS manages on-prem AD objects only.
    #2. MSFT Hybrid Mode: MSFT AADConnector syncs on-prem AD/EX - AAD/O365 cloud. ARS manages on-prem AD objects and ad-hoc (no bulk sync) AAD/O365 mbxs (assume ARS O365 Feature is enabled).
    #3. It is possible to make ARS do Bulk Sync instead of MSFT AADConnector, given MSFT ADConnector is not in place.
  • Hi Nick,
    Both of the attributes are sync'd but it's still a no-go. Once the group is pulled into ARS even if I try to update the membership of the group, it does not update the O365 Distribution Group. I have Azure (objectID) > ARS (edsvaAzureObjectID) and Azure (TRUE) > ARS (edsvaOffice365Enabled). After that runs, the group appears in ARS and I put a new user in the group, it never reached the O365.
  • Hi Dewayne, I noticed a SR was opened for this issue. We will continue to investigate there and I will update this post with whatever solutions we find.