Loading

O365 DirSync Now Supports FIM filtering

As of the 20th August 2012 Directory Syncronisation now supports FIM Filtering, please see here: http://community.office365.com/en-us/wikis/sso/configure-filtering-for-directory-synchronization.aspx

You can filter on based on Organizational-unit (OU),  Domain and User-attributes, below is a snipet of the OU filtering

Set up organizational-unit–based filtering

  1. Log on to the computer that is running directory synchronization by using an account that is a member of the MIISAdmins local security group.
  2. Open Identity Managerby double-clicking miisclient.exe. Its location depends on your version of the Directory Synchronization tool:
    • 32-bit: Program FilesMicrosoft Online Directory SyncSYNCBUSUIShell
    • 64-bit: Program FilesMicrosoft Online Directory SyncSYNCBUSSynchronization ServiceUIShell.
  3. In Identity Manager, click Management Agents, and then double-click SourceAD.
  4. Click Configure Directory Partitions, and then click Containers.
  5. When prompted, enter your domain credentials for the on-premises Active Directory forest.
    • When presented with the credentials dialog box, the MSOL_AD_Sync account will be displayed.  This account is using a randomly generated password, so administrators will not know the password.  When performing this filtering operation, you should enter an account which has access to the Active Directory forest. The account used here should be an Enterprise Admin.  The Enterprise Admin account can view the entire forest and perform the filtering within any domain within the forest.  Using a Domain Admin will limit the scope of what the Directory Synchronization tool can view and may not be viable when needing to expand the filter into other domains.
  6. In the Select Containers dialog box, clear the OUs that you don’t want to synch with the cloud directory, and then click OK. Click OK on the SourceAD Properties page.
  7. Perform a full sync: on the Management Agent tab, right-click SourceAD, click Run, click Full Import Full Sync, and then click OK.

Leave a Reply

Your email address will not be published. Required fields are marked *