This rule creates a matching Office 365 account when a user creates a new Active Directory user account in Web UI.
An instance of the rule is automatically created during installation under the HOME > RULES > WebAdmin Rules (Pre-configured) folder. This instance is linked to the New User (AD), Clone User, Enable Mailbox, New Linked Mailbox and New User with Linked Mailbox actions as a post-action rule in the Rules to run after section.
When to use this rule
You typically do not need to create an instance of this rule, as it is automatically created during installation and linked to the New User (AD) and other Web UI actions. The rule is executed when a user selects Exchange Remote mailbox type option in the Web UI for the created user account mailbox.
This rule will construct a User Principal Name (UPN) in the format GivenName.SurName@$Office365_UPNSuffix. You can use this constructed UPN, or you can change the Action Command to use the UPN from Active Directory.
Limit AD scope to this domain or OU
This setting defines the search query scope.
To improve query performance, limit the scope to specific OU.
Note: As this rule is usually run after user creation rule, by default it uses query scope from the web query of the previous rule.
Query criteria are sent with the query and may improve query performance.
Note: As this rule is usually run after user creation rule, by default it uses query criteria from the previous rule.
Tip: For different samples on the criteria builder, see KB20180410-1.
To hide unwanted data based on criteria, not supported by Active Directory query, set the filtering conditions here.
To display additional properties for each object found by the query, add those properties to the list.
Sort result objects list.
Select domain controller to run the rule.
Specify credentials to the selected domain controller.
Run Enforce License Rule
Set to Yes by default to automatically assign Office 365 licenses to a newly created Office 365 user account.
Configure licenses to assign in the New User | Office 365 User Enforce License rule that is linked as a post-action rule to the New User | Create Office 365 User rule. See the New User | Office 365 User Enforce License rule article for details
Add to parent Azure AD Administrative Unit
Specify if the user should be added to the parent Azure AD Administrative Unit.
Select Usage Location.
Important: Cayosoft Administrator maps user accounts between on-premise AD and Office 365 using the account User Principal Name (UPN). It is important for the Office 365 user account to have UserPrincipalName identical to the corresponding on-premise user.
Select the rule to generate UserPrincipalName.
Select UPN suffix.
Set generation rule for the Office 365 user account's First Name, Last Name, and Display Name.
Usually, the user accounts in the AD and Office 365 have these attributes set to the same value.
|Set ImmutableID to Yes to pre-map AD user account with Office 365 user account for the Azure AD Connect to sync those accounts correctly.
|Set password for the Office 365 user account.
|New Account Status
|Allow or prevent logon to Office 365 for the created user account.
Set the Office 365 user account's Title, Department and Company.
Usually, the user accounts in the AD and Office 365 have these attributes the same.
Set the Office 365 user contact info.
Usually, the user accounts in the AD and Office 365 has these attributes the same.
Exchange Online Authentication Policy
It is possible to specify which Exchange authentication policy should be applied.
Assignment delay (seconds)
You can change the assignment delay.
Note: New User accounts take time to synchronize with Exchange Online. This delay gives time for this process to complete.
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
|Exchange Online Authentication Policy settings are added.
|Add to parent Azure AD Administrative Unit setting is added.
|The rule supports mapping between Active Directory user account and Cloud user account by anchor attributes.
|The rule supports linking to web actions as rules to run after the web action.