Configure O365 User Sync with MI Console

Beginning in v7.1.2, Office 365 (O365) user sync can be configured via MI Console, offering the same logic with a simpler, CLI-free setup.

Table of contents:

  1. Create New O365 Sync Method
  2. Provide Configuration Details
  3. Provide Additional Options
  4. Configure O365 Sync Schedule
  5. Preview Command
  6. View Created O365 Sync Method

1. Create New O365 Sync Method

Access MI Console > Configuration > User Sync > O365 Sync

  1. [+New LDAP Sync Method]

2. Provide Configuration Details

  1. Enter a descriptive Name.
  2. Enable More Options.
  3. Provide the required parameters:
    • Group_DNs: Group DNs to sync with.
  4. [Next: More Options]

See Optional Parameters for more details.

Optional Parameters

Name Description
Be verbose Be verbose.
Display details
 Display detailed info about every affected user and group in the summary.
Force
 Force the update of related objects.
Dry run
 Dry run. Implies -v
Skip Default Group
 Skip adding synced users to the Default Group.
More Options Prompts to provide additional O365 sync options.
User Type The type of Metric Insights users that will be created, or synchronized if the --force option is used.
Auto Create If specified without a value or with the 'all' key, automatically create an MI group for the group DN if it does not already exist. If specified with the 'groups' key, new groups will be automatically created, but only existing users will be updated. If not specified, only users in existing groups will be created and updated.
Filter An O365 filter to search the base DN for groups to sync. Requires the --base-dn parameter.
MEMBER_ATTR
 The field name that stores information about group members.
USERNAME_ATTR
 The attribute name whose value will be used as the username.
FIRST_NAME_ATTR
 The attribute name whose value will be used as the user's first name.
LAST_NAME_ATTR
 The attribute name whose value will be used as the user's last name.
EMAIL_ATTR
 The attribute name whose value will be used as the user's email address.

3. Provide Additional Options

  1. [+Add Option].
  2. Provide the following parameters:
    • tenant: The directory tenant that you want to request permission from. The value can be in GUID or a friendly name format.
    • client-id: The application ID that the Azure app registration portal assigned when you registered your app.
    • client-secret: The client secret that you generated for your app in the app registration portal.
  3. [Next: Schedule].

NOTE: Hover over the info icon to see the description of the option.

4. Configure O365 Sync Schedule

  1. Set Frequency: choose certain days of the week or of the month.
  2. Set the desired sync time.
  3. Optionally, if certain days of week have been selected, set the repeat frequency for O365 sync.
  4. [Next: Command Preview].

5. Preview Command

  1. Preview the O365 sync command, then [Finish]

6. View Created O365 Sync Method

You can run, edit, or delete the created O365 Sync Method directly from the grid. Logs for completed O365 Sync Methods can be downloaded from O365 Sync History grid.