Adaxes

Wait for user replication

0 votes

Hi

I'm having a problem with a scheduled task which needs a delay.
We are using ADMT to migrate users from one domain to another and then need to create a hybrid setup for these users.
I have set a scheduled task to run every 10 minutes to update a few fields in the users account before a business rule creates the remote mailbox on our exchange server. The issue is that if the user is migrated just before the scheduled tasks is run, when the business rule runs, the process can error as the account may not have been synch'd to the DC the exchange server is looking at.

I've tried to add a condition into the scheduled task which looks at the whenCreated attribute and if this is under 5 minutes then it doesn't process this user.
The specific condition is

If the 'When Created' property is less than or equal to '%datetime,-5m%'

The problem is that this doesn't seem to work, when I manually run the scheduled task immediately after migrating a user the scheduled task still processes the user.

Am I doing something wrong?
Is there a better way of achieving this?

Thanks

by (2.0k points)
0

Hello,

What version of Adaxes are you using and how do you create remote mailboxes? Starting from Adaxes 2016, creation of remote mailboxes is supported out of the box. If the remote mailboxes are created by Adaxes, there should be no replication issues as Adaxes passes the DC it uses over to the Exchange Server. The Exchange Server uses the DC passed by Adaxes for creation of a remote mailbox. Thus, if the Scheduled Task is triggered on a certain user, this means that it has already been replicated to the DC used by Adaxes, and also means that the user account should be available to the Exchange Server, since it uses the same DC.

If you are creating remote mailboxes with the help of the Enable-RemoteMailbox cmdlet, you can use its parameters to pass the DC used by Adaxes to that Exchange Server. To get the DC used by Adaxes, you can use the following code in your script:

$domainName = $Context.GetObjectDomain("%distinguishedName%")
$rootDSE = $Context.BindToObject("Adaxes://$domainName/rootDSE")
$domainControllerFQDN = $rootDSE.Get("dnsHostName")

Then, you can use the DomainController parameter of the cmdlet to pass the DC over to Exchange: 

Enable-RemoteMailbox "%distinguishedName%" -RemoteRoutingAddress "%samaccountname%@someone.onmicrosoft.com" `
                     -DomainController $domainControllerFQDN
by (216k points)
0

Thanks for the quick response, we are using Adaxes 2017.1

I took a look through the options, but can't see an option to create a mailbox at all once the option to activate the 365 account has been added.
How would I do this out of the box?

by (2.0k points)
0

Hello,

No additional action is needed. By default, if your Exchange organization is in hybrid mode, and you assign a license with access to Exchange Online to a user (e.g. any of the E1-E5 licenses), a remote mailbox is created automatically.

If your organization is not in hybrid mode, but you want to use remote mailboxes anyway, you need to configure Adaxes to always create them. For details on how to do this, see the following help article, section Enabling Remote Mailboxes: http://www.adaxes.com/help/?HowDoI.Perf ... boxes.html. You need to set the parameter to True.

If your organization is in hybrid mode, but remote mailboxes are not created by Adaxes automatically, probably, an issue occurs when creating them. To troubleshoot this, have a look at Adaxes Event Log on the computer where Adaxes Service is installed. There should be errors or warnings related to such an issue. If you are unsure, you can send a copy of the log to support[at]adaxes.com. For details on how to view the log, see the following help article: http://www.adaxes.com/help/?ServiceAdmi ... ntLog.html.

by (216k points)
0

Thanks again.

I think we'll need to stick with the powershell method for the time being as 95% of our staff aren't in hybrid mode, it's just a small subset in a newly acquired part of the company who are.
Thanks for the information on how to specify a DC for the command though, I had looked into this a little, but didn't find the correct method for finding the DC.

Another question if I may, it seems that if an Azure sync has taken place and the user has an account in O365, when the business rule runs it fails to activate the license with an error "Failed to create an Office 365 account. Unable to add this user because a user with the user principle name already exists".
Should Adaxes not be able to understand the 2 are the same and just apply the license?

by (2.0k points)
0

What tool do you use for Azure replication, DirSync or AAD Connect? What attribute did you chose as the source anchor? Can you also do the following for troubleshooting purposes:

  1. Enable tracing of commands sent to Office 365.
  2. Reproduce the issue.
  3. Send the trace file to us to support[at]adaxes.com.
by (216k points)
0

Hi

We use AAD and extended attribute 7 as the source anchor.

Log file has been emailed in with reference number 2017092610000064

Thanks

by (2.0k points)
0

Hello,

Since our reply contains confidential information related to your Office 365 organization, we sent it via email. Check your inbox. The reference number is the same.

by (216k points)

Please log in or register to answer this question.

Related questions

0 votes
1 answer
Dont wait for execution on web form

Hi, if a user creates a new user via web form and backend scripts are executed, is there a way to skip this waiting page? I not sure if I found some setting in the ... asynchronously" would do the trick, no? But I want all task are excuted one after one.

asked Jan 24 by wintec01 (1.1k points)
0 votes
1 answer
Business rule to wait for custom command

Hi Is it possible to get a business rule which calls a custom command powershell script to wait for the script to complete before continuing? Thanks Matt

asked Apr 27, 2017 by chappers77 (2.0k points)
0 votes
1 answer
Is it possible to wait until mailbox is established in office365

I need to edit the default calendar permissions to reviewer for all company. We are using office2016 so the policy on M365 to do this doesn't seem to work. Instead ... the permissions on the calendar? Im aware that this would slow down user creation somewhat

asked Mar 25, 2021 by will17 (350 points)
0 votes
1 answer
ADAM (AdaxesBackend) Replication Warning

"This directory partition has not been backed up since at least the following number of days." I am seeing this error in our logs and while it seems straight forward ... can I resolve this warning in the event logs and/or the Web Interface Configurator error?

asked Jan 30, 2020 by mark.it.admin (2.3k points)
0 votes
1 answer
Web Interface Custom Script, Replication Time

Good afternoon everyone, I have a web form that will create a simple OU with nothing more than a name and description. There next lies a business rule that kicks off ... is being ran from the same domain controller that the web interface ran its creation from?

asked Mar 30, 2017 by strikk (360 points)
3,348 questions
3,049 answers
7,791 comments
545,047 users