Okta Classic Engine | Okta Integration Network | Answered | 2024-04-30T09:18:25.000Z | 2018-02-15T20:06:08.000Z | 2019-05-09T23:20:48.000Z
Replacing AD Connect with Universal Sync in an Exchange Hybrid Environment.
We currently have an Exchange hybrid environment with an on-prem Exchange 2016 server solely for online management, and an Azure AD Connect server just for syncing attributes. Our ideal scenario is to remove both the on-prem Exchange and AD Connect server, whereby our on-prem AD is synced to Azure AD and we can manage Exchange Online through the O365 portal.

 

The big question we have is can we use Okta’s universal sync to replace our Azure AD connect server to the point where we can also remove our on-prem exchange server? I read from previous posts about the writebacks required to write-back attributes to on-prem, so looking for clarification if Universal Sync can provide this?

 

Or if we can replace the AD Connect server, but the Exchange server needs to remain for management purposes?

 

Has anybody attempted this or run similar scenarios?

 


  • Jimbo (Okta, Inc.)

    Hi Michael... so here's the basics: Okta cannot write back to an on-prem Exchange Server. We can however do write back to an on-prem AD server. So you could use Okta's O365 Universal Sync provisioning to sync all your necessary AD objects to and from O365 and your AD server, so long as your Exchange Server is in the cloud.
  • MichaelF.87478 (Customer)

    Thanks Jim,

     

    That is very helpful and sounds exactly like our ideal scenario. Mastering from on-prem AD Server, managing Exchange server in the cloud. Since all AD objects would be synced between O365 and AD, I am assuming this allows full management of Exchange in the cloud?

     

    The next question I have then is, is there any technical documentation I can go through or resources I can use to guide us through this process? We are starting to plan the process but will need some guidance on the finer details. Any advice would be appreciated.

     

    Thanks.

  • Jimbo (Okta, Inc.)

  • j5v7c (j5v7c)

    Hello,

     

    Thanks for posting your inquiry in Okta Community Portal.

     

    If you receive a great answer to your question(s), please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer."

     

    Thank you,

     

    Dylann Fezeu

    OHC Team
  • DavidR.00634 (Customer)

    Hi,

    I have a similar question... I currently have AAD Connect along with an on-premises Exchange hybrid server, which is used solely for management, i.e. creating a new remote mailbox in Office 365 which is mastered on premises. I am now trying to replace AAD Connect and to adopt the 'Universal Sync' provisioning flow; however, when I have attempted this within my test environment, my results show that if I create a room mailbox (either a remote or local room), Okta (via the universal sync) creates the user in Office 365 as a mail-user object and flows the 'MSExchRecipientTypeDetails=16' correctly, but the result is that I do not have a provisioned room mailbox in o365. The customer still requires mailboxes which are mastered on premises, i.e. remote mailboxes (because they use FIM for a galsync between directories which uses the on-premises object to distribute). I have read all of the guides for o365 provisioning and how the universal sync is documented to work; however, I am now questioning how this function will work in my scenario.

    Ultimately I need to be able to create a room mailbox as a remote mailbox in o365 (the same way as AAD Connect would do), but without AAD Connect, and using Okta universal sync.

    Can you please let me know how Okta suggests that a room mailbox is correctly created in o365 when flowed via the on-premises AD (via the hybrid UI, i.e. new->remote mailbox->room mailbox etc.)?

    Thanks in advance
  • rckn4 (rckn4)

    I'm looking for the same thing as David I think. I want to use Okta to sync on prem and Azure A/Ds without having to spin up Azure AD Sync.

     

    Thanks!

This question is closed.