New User | Create Office 365 User
Rule description
This rule creates a matching Microsoft 365 account when a new Active Directory user account is created in the Web Portal.
An instance of this rule is automatically created during installation under RULES > WebAdmin Rules (Pre-configured). It is linked as a post-action rule in the Rules to run after section for the following Web Portal actions:
New User (AD)
Clone User
Enable Mailbox
New Linked Mailbox
New User with Linked Mailbox
When to use this rule
You typically do not need to manually create an instance of this rule, as it is automatically generated during installation and linked to the New User (AD) and other Web Portal actions. The rule runs when a user selects the Exchange Remote mailbox type option while creating a mailbox in the Web Portal.
This rule constructs the User Principal Name (UPN) in the format:
GivenName.Surname@$Office365_UPNSuffix
By default, the rule uses this constructed UPN, but you can modify the Action Command to use the UPN from Active Directory instead.
Rule settings
Query section
| Setting name | Description |
|---|---|
Limit AD scope to this domain or OU |
This setting defines the search query scope. To improve query performance, limit the scope to a specific OU. IMPORTANT: To test the rule configuration, limit the rule scope to an OU that contains test accounts or objects and use the Preview feature. |
Query criteria |
(missing or bad snippet) |
| More options | |
|
Filter
|
Set the filtering conditions to hide unwanted data based on criteria not supported in the Query criteria setting. Example: filter by the found object Distinguished Name. TIP: For optimal performance, use the Query criteria setting above to filter objects whenever possible. |
|
Returned properties
|
To display additional properties for each object found by the query, add those properties to the list. |
Sort by |
Sort result objects list. |
Action section
| Setting name | Description |
|---|---|
Run Enforce License Rule |
Set to Yes by default to automatically assign Microsoft 365 licenses to a newly created Microsoft 365 user account. Configure licenses to assign in the New User | Office 365 User Enforce License rule that is linked as a post-action rule to the New User | Create Office 365 User rule. See the New User | Office 365 User Enforce License article for details |
Run Add to cloud group post-creation tasks |
Runs the New User | DynamicAttributes Add to Azure Cloud Groups rule as a post-creation task when set to Yes. Refer to the following article to learn more about the rule: New User | Dynamic Attributes Add To Azure Groups. |
Add to parent Azure AD Administrative Unit |
Specify if the user should be added to the parent Azure AD Administrative Unit. |
Usage Location |
Select the usage location. IMPORTANT: If Microsoft 365 user accounts don't have a location attribute set, Microsoft 36 license won't apply to them, and the rule will stop with the error. If you use Usage Location from AD value for this setting, you must be sure all Active Directory user accounts, that fall under this rule this, have a location attribute set. |
| Account | |
|
UserPrincipalName
|
IMPORTANT: Cayosoft Administrator maps user accounts between on-premise AD and Microsoft 365 using the account User Principal Name (UPN). It is important for the Microsoft 365 user account to have UserPrincipalName identical to the corresponding on-premise user. Select the rule to generate the UserPrincipalName. |
|
UPNSuffix (@domain.onmicrosoft.com)
|
Select UPN suffix. |
|
First Name Last Name Display Name |
Set generation rule for the Microsoft 365 user account's First Name, Last Name, and Display Name. Usually, the user accounts in the AD and Microsoft 365 have these attributes set to the same value. |
| Settings | |
| Set ImmutableId | Set ImmutableID to Yes to pre-map AD user account with Microsoft 365 user account for the Entra ID Connect to sync those accounts correctly. |
| Default Password | Set password for the Microsoft 365 user account. |
| New Account Status | Allow or prevent logon to Microsoft 365 for the created user account. |
| Organizational | |
|
Title Department Company |
Set the Microsoft 365 user account's Title, Department and Company. Usually, the user accounts in the AD and Microsoft 365 have these attributes the same. |
| Contact Info | |
|
Office Office Phone Mobile Phone Fax Address City State Postal Code Country |
Set the Microsoft 365 user contact info. Usually, the user accounts in the AD and Microsoft 365 has these attributes the same. |
Exchange Online Authentication Policy |
|
Authentication policy |
It is possible to specify which Exchange authentication policy should be applied. |
Assignment delay (seconds) |
You can change the assignment delay. NOTE: New User accounts take time to synchronize with Exchange Online. This delay gives time for this process to complete. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Rule Output section article.
Enforce/Schedule Section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Rule Enforce/Schedule section article.
Comments
0 comments
Please sign in to leave a comment.