exchange - directory link
DirectoryLink installation guide DirectoryLink is a tool for getting a list of Active Directory users from your on-premise Active Directory and synchronizing it to Active Directory. It allows you to update user properties with the information gathered from your Active Directory.
Note: synchronization is one-way only and all user properties will be overwritten by the values from your in-house Active Directory.
Please download an installation package suitable for your domain controller operating system (x64 or x86) from CONTROL PANEL > DirectoryLink > Instructions. DirectoryLink version 2.0 and later will perform automatic updates after it is installed on domain controllers in your organization. Read the Knowledge Base article on Updating DirectoryLink for more information about automatic updates.
Follow the installation guide. DirectoryLink must be installed on all domain controllers in the Active Directory forest. Mailboxes/users in the CONTROL PANEL should be linked with users from your in-house Active Directory in order to get synchronized. You can use Autolink feature available in CONTROL PANEL> DirectoryLink > Unlinked section.
Domain controller requirements:
- Windows Server 2003 Service Pack 2, Windows 2008 R2 Server Core or later.
- NET Framework 3.5 with SP1.
- Outbound network connection must be opened on port 443 (SSL). If you receive the error message “Cannot access remote DirectoryLink service” during installation, please verify that you can access https://controlpanel.msoutlookonline.net.
Username and password for installation can be found in CONTROL PANEL under DirectoryLink > Instructions. Please have your DirectoryLink username and password ready before installing this product.
We strongly recommend that you limit the scope of synchronization by providing the distinguished name (DN) of the parent organizational unit (OU) that contains all objects enabled for synchronization. The synchronization scope must be an OU within your Active Directory domain.
- Log in to a domain controller using an account with Domain Administrator and local Administrator privileges.
- Verify installation requirements and install necessary prerequisites.
- Setup must be executed using administrative credentials. Right-click setup.exe and click Run as Administrator.
- Proceed with the installation until the DirectoryLink Service Configuration screen appears.
- Enter the User Name and Password that were obtained from the DirectoryLink > Instructions page.
- Click Browse button to select the synchronization scope.
- Click OK to complete DirectoryLink service configuration.
- Server reboot is required for the service to work. Please reboot the server.
- Once the server is rebooted, the DirectoryLink service will start synchronizing Active Directory objects. Please note that it may take up to 30 minutes to synchronize, depending on the size of your Active Directory.
- If you receive the error message "Cannot access remote DirectoryLink service" during installation, please verify that you can access thehttps://controlpanel.msoutlookonline.net URL from the local machine. Outbound connections on port 443 must be opened to this URL.
- If you are getting red X with no error message when running setup.exe, try .msi installer. The problem may occur on Terminal services or any other workstation where running setup executables is restricted.
- If you receive the error message "Password is incorrect", verify that you entered the correct password and that domain controllers match all requirements above. If the problem persists, check the local time on the domain controller and ensure that it is synchronized with a valid time source and that it is not out of sync.
- Critical service errors are written to the local server Application event log. Please monitor events from the "DirectoryLink Service" source.
- If you submit a support case, please include msinfo32 information. On each domain controller, go to Start > Run and type msinfo32. In the System Information window, click File > Save and save it as an .NFO file.
After installation, the software works as a system service and synchronizes all OU changes.
- If a user's UPN is not in the email address format, it will not be synchronized.
- The domain of the UPN must be added to the MS Exchange Server> Domain Names section.
Important notes:
- Synchronization is one-way only and all user properties will be overwritten by the values from your in-house Active Directory.
- DirectoryLink overwrites the UPN and Primary email address of the mailbox if your on-premise user UPN is in the email address format and its domain is registered under the Domain Names section of CONTROL PANEL.
- Passwords synchronization occurs only during the password reset operation. As a result, any existing user passwords that were set prior to installation of the DirectoryLink service will not be synchronized. Please instruct your users to reset their passwords after DirectoryLink service installation. If some of your passwords are not being synchronized, please verify that it suites the password complexity rules. Also make sure that DirectoryLink service is deployed on all domain controllers in the forest with the same DirectoryLink user name and password on all domain controllers.