Office365 and Dirsync. When to use?

Many companies that use Office365 struggle with the same problem: “how can I automate the synchronization between my on-premise Active Directory users and Office365”? To solve this problem, Microsoft provides ‘Dirsync’. Dirsync is a downsized version of the Forefront Identity Manager 2010 (FIM2010) sync server.

When you start using Dirsync, you have to be very aware of the advantages and disadvantages of this solution. A summary:


  • It’s free.
  • The solution is out-of-the-box. There are no difficult configurations to make, so the system can be operational in a short time span.

The disadvantages:

  • An Office365 account is created for ALL Active Directory users of a particular OU. There are few possibilities to create an account for users with a particular role, or members of a particular AD group
  • There is little control over the user object. The necessary ‘IsLicensed’ attribute is not set to true. This means that there is still an action necessary to allow the user to work. This can be done by means of a powershell-command, or via Office365 itself.

If these disadvantages are not applicable to your organization, Dirsync might do the trick for you. If they do apply, you should consider using the full FIM 2010 Sync server and an Office365 management agent based on powershell.

Want more advice on this topic? Do not hesitate to contact me at any time!

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s