Rule description
This rule creates a matching Office 365 account when a user creates a new Active Directory user account in Web UI.
An instance of the rule is automatically created during installation under the HOME > RULES > WebAdmin Rules (Pre-configured) folder. This instance is linked to the New User (AD), Clone User, Enable Mailbox, New Linked Mailbox and New User with Linked Mailbox actions as a post-action rule in the Rules to run after section.
When to use this rule
You typically do not need to create an instance of this rule, as it is automatically created during installation and linked to the New User (AD) and other Web UI actions. The rule is executed when a user selects Exchange Remote mailbox type option in the Web UI for the created user account mailbox.
This rule will construct a User Principal Name (UPN) in the format GivenName.SurName@$Office365_UPNSuffix. You can use this constructed UPN, or you can change the Action Command to use the UPN from Active Directory.
Rule Settings
Query Section
Setting name | Description |
---|---|
Limit AD scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to specific OU. Note: As this rule is usually run after user creation rule, by default it uses query scope from the web query of the previous rule.
|
Query criteria |
Query criteria are sent with the query and may improve query performance. Note: As this rule is usually run after user creation rule, by default it uses query criteria from the previous rule.
Tip: For different samples on the criteria builder, see KB20180410-1.
|
More options | |
Filter
|
To hide unwanted data based on criteria, not supported by Active Directory query, set the filtering conditions here. |
Returned properties
|
To display additional properties for each object found by the query, add those properties to the list. |
Sort by |
Sort result objects list. |
Domain Controller |
Select domain controller to run the rule. |
Credentials |
Specify credentials to the selected domain controller. |
Action Section
Setting name | Description |
---|---|
Run Enforce License Rule |
Set to Yes by default to automatically assign Office 365 licenses to a newly created Office 365 user account. Configure licenses to assign in the New User | Office 365 User Enforce License rule that is linked as a post-action rule to the New User | Create Office 365 User rule. See the New User | Office 365 User Enforce License rule article for details |
Add to parent Azure AD Administrative Unit |
Specify if the user should be added to the parent Azure AD Administrative Unit. |
Usage Location |
Select Usage Location. |
Account | |
UserPrincipalName
|
Important: Cayosoft Administrator maps user accounts between on-premise AD and Office 365 using the account User Principal Name (UPN). It is important for the Office 365 user account to have UserPrincipalName identical to the corresponding on-premise user.
Select the rule to generate UserPrincipalName. |
UPNSuffix (@domain.onmicrosoft.com)
|
Select UPN suffix. |
First Name Last Name Display Name |
Set generation rule for the Office 365 user account's First Name, Last Name, and Display Name. Usually, the user accounts in the AD and Office 365 have these attributes set to the same value. |
Settings | |
Set ImmutableId | Set ImmutableID to Yes to pre-map AD user account with Office 365 user account for the Azure AD Connect to sync those accounts correctly. |
Default Password | Set password for the Office 365 user account. |
New Account Status | Allow or prevent logon to Office 365 for the created user account. |
Organizational | |
Title Department Company |
Set the Office 365 user account's Title, Department and Company. Usually, the user accounts in the AD and Office 365 have these attributes the same. |
Contact Info | |
Office Office Phone Mobile Phone Fax Address City State Postal Code Country |
Set the Office 365 user contact info. Usually, the user accounts in the AD and Office 365 has these attributes the same. |
Exchange Online Authentication Policy |
|
Authentication policy |
It is possible to specify which Exchange authentication policy should be applied. |
Assignment delay (seconds) |
You can change the assignment delay. Note: New User accounts take time to synchronize with Exchange Online. This delay gives time for this process to complete.
|
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
8.2.0 | Exchange Online Authentication Policy settings are added. |
8.1.0 | Add to parent Azure AD Administrative Unit setting is added. |
7.3.0 | The rule supports mapping between Active Directory user account and Cloud user account by anchor attributes. |
5.4.0 | The rule supports linking to web actions as rules to run after the web action. |
Comments
0 comments
Please sign in to leave a comment.