Shulou(Shulou.com)06/02 Report--

The previous Office365 series of articles were built in the form of a simple local infrastructure, but recently a customer's local AD was complex, with one root domain and nine subdomains, each corresponding to a subsidiary.

Recently, because the operation and maintenance costs are considering the e-mail and Skype business of the entire group, the first problem that needs to be solved is the problem of user accounts:

The domain name used by each company is different, how to uniformly migrate all the users in the whole forest to Office365!

Next, I did an experiment in a simulated environment, where the parent-child domain synchronization is supported by querying AAD Connect. Let's take a look at my experimental environment:

The root domain name is: contoso.com

The subdomain names are: and-sc.contoso.com and scnbwy.contoso.com

Two new UPN addresses are created on the root domain to simulate the domain names and-sc.com and scnbwy.com of the two subsidiaries.

Then go back to the and-sc subdomain to create a new OU and create a user named andsc, and change the user's UPN address to andsc@and-sc.com

Also create a new OU in the scnbwy subdomain and create a user named scnbwy, and change the user's UPN address to scnbwy@scnbwy.com

Next, you need to add and-sc.com and scnbwy.com to the Office365.

Then we create a new AAD Connect server to join the contoso.com root domain

Install AAD Connect on the AAD Connect server

The test environment is simple to choose to enable password synchronization, and the production environment can choose the user login method according to the actual needs.

Enter the password for the Office365 global administrator account (either the international version or the Chinese version, depending on the final Office365 version purchased by your customer)

Then AAD will check the local AD forest and click add Directory.

You need to enter the password of the current AD forest account for verification

After verification, you can add the contoso.com forest.

Next, the entire directory will be schema retrieved.

Through matching, it is found that the locally added scnbwy.com and and-sc.com domain names meet the requirements. The default domain name is a private domain name locally, and this domain name may not be registered on the public network, so be sure to check "continue but match all UPN suffixes of verified domains".

The next step is to synchronize the OU. Here, we select the OU we created under the and-sc.com and scnbwy.com directories for synchronization.

Then proceed to the next step of configuration.

Update the default synchronization rules for single forest and single domain

Configuration is completed and synchronization is enabled

After the synchronization is completed, the synchronization log is opened for detection, and each action is performed twice, corresponding to the two subdomains of and-sc and scnbwy.

Then log in to Office365 admin center and you can see that the users created locally have been synchronized to Azure AD, and then you can assign licenses to use Office365 cloud services, such as Exchange Hybrid,Skype for business Hybrid.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.