Sunday, August 10, 2014

How to do Hard match in Dirsync?

There are 2 types of matching we do during Dirsync
  1. Soft Match
  2. Hard Match

In this post we will see how to do Hard Match in Dirsync.

Here are the broad level steps that we do to implement Dirsync between on-prem and cloud
  • Get the ObjectGuid from the onpremise for the user
  • Rearrange the ObjectGuid
  • Convert the ObjectGuid to an ImmutableID
  • Update the cloud user with the Immutable ID
  • Run Dirsync


Get the ObjectGuid from the onpremise for the user
  • Go to Adsiedit.msc
  • Right click ADSI Edit and say Connect to and select "Default naming context"
  • Double click the Domain partition and navigate to the OU the concerned user is present and select the user properties
  • Copy the value of ObjectGuid to a notepad



Rearrange the ObjectGuid as shown below
ObjectGuid  :                                                                   44 31 E2 46 77 83 3E 48 A8 7E B6 76 9D B6 2E ED
Group the GUID as shown here:                                     44 31 E2 46 77 83 3E 48 A8 7E B6 76 9D B6 2E ED
Rearrange Hexa bits within the group as done Here:    46 E2 31 44 83 77 48 3E A8 7E  B6 76 9D B6 2E ED
Write the rearranged Bits as shown here :                     46E23144-8377-483E-A87E-B6769DB62EED
Convert the ObjectGuid to an ImmutableID
Now that we have the object Guid in the format we want  download the script from the link below that converts Object Guid to Immutable ID and vice versa
Right click on the downloaded Script and click properties and say Unblock


Now open a Windows powershell navigate to the place where the Script was saved
Invoke the script and pass the Guid ID we got from the above step
PS C:\Users\praveen\Desktop\CAP\Immutable ID> .\GUID2ImmutableID.ps1
Value provided not in GUID or ImmutableID format.
Please Supply the value you want converted
Examples:
To convert a GUID to an Immutable ID: GUID2ImmutableID.ps1 '748b2d72-706b-42f8-8b25-82fd8733860f'
To convert an ImmutableID to a GUID: GUID2ImmutableID.ps1 'ci2LdGtw+EKLJYL9hzOGDw=='

PS C:\Users\praveen\Desktop\CAP\Immutable ID> .\GUID2ImmutableID.ps1 46E23144-8377-483E-A87E-B6769DB62EED
ImmutableID
-----------------
RDHiRneDPkiofrZ2nbYu7Q==



Update the cloud user with the Immutable ID
Now open Windows Azure Powershell for Office 365  and run the below command
Set-MsolUser -UserPrincipalName User@domain.com -ImmutableId RDHiRneDPkiofrZ2nbYu7Q==
 
Here  User@domain.com is the UPN of the user who is in cloud and we want to sync the on-premise user to sync to.

Run Dirsync
Now force an Dirsync to connect the users 
Note: Due to replication and delay in onprem and cloud we might have to wait for some time and force Dirsync couple of times.
Posted by at No comments:
Labels: , , , , ,

Tuesday, April 19, 2011

Where are my Certificates?

Where are my Certificates?

Many a times I have come across people who have no clue where to find the certificates they have or someone else have installed on the exchange server or the client machine.

In this post I would like to walk you through where you can find the certificates for exchange.

There are 3 methods to find where the certificates are
1) MMC
2) IIS Manager
3) Exchange Management Console (EMC)






1) MMC

This method works for both 2003 and 2008 server
a) Go to Start > Run and Type mmc




b) In the opened console Select ‘File’ > Select ‘Add or Remove Snap in’ as shown below



c) Select Add



d) Select Certificates and Select Add



e) Select Computer Account > and click on next



f) Select Finish and Close



g) Click on Ok and the Certificate console will be opened



h) Under “Personal Store” you can see the required certificates



2) IIS- Manager
2003 OS
a) Open IIS Manager



b)Right Click on “Default web site” (or the appropriate website if you have many) and select Properties



c) Select “Directory Security” tab and select “View Certificate” and you will be able to see the certificate


2008 OS
a) Open IIS Manager


b) Right Click on “Default web site” (or the appropriate website if you have many) and select Edit bindings

c) Select the https which has port 443 and click on Edit

d) On the opened Edit Site Bindings tab click on “View” to see the certificate



3) EMC

This can be used if exchange is 2010
Open EMC > Select “Server Configuration” and you will be able to see the certificate in the middle plane as shown in the picture

Just double on the certificate you want to see



Run the below command in Exchange management Shell (2007 or 2010) to see the attributes of the Certificate
Get-ExchangeCertificate | FL

Posted by at No comments:

Sunday, April 17, 2011

Introduction

Hi Friends

I am a Praveen. I have done my Engineering in Computer Science.

Right now I work for the World leading MNC in the field of "EXCHANGE".

I am not a great writer, but i am a person who believe in knowledge sharing.

All the post that I write here are either tried and tested by me or have read about the same and I am just simplifying the meaning of what the original website says and its implications for us as Exchange Users/Admins.

If you think any of my posts are wrong/offending, please let me know I am always open to correction,change and learning.

Have a close look in this space for more posts , LETS HAVE SOME FUN WITH EXCHANGE
Posted by at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)