Skip to content
Tech Shizz Logo

An Engineers Blog

  • TechShizz
  • blog

Filtering in DirSync

Posted on February 23, 2021 By rich No Comments on Filtering in DirSync

With DirSync for Office 365, you can specify what NOT to synchronize with a filter. This is useful in large environments as there may be hundereds of thousands of objects and that would not be suitable if only one portion of your organization actually used Office 365.

There are three filter types:
  • OU-Based Filtering
  • Domain Based Filtering
  • User-Attribute Based Filtering
You can have multiple filter rules in a single condition = OR (any)
or Multiple conditions in the same rule = AND (all).
Execution

This filtering is done on the server with Forefront ID Manager. 
You need to navigate to the following directory:
“C:Program FilesWindows Azure Active Directory SyncSYNCBUSSynchronization ServiceUIShell”
Here you will find miisclient.exe.
Open up Management Agents. You’ll see the Active Directory Connector. Double click this to open the connector.
Select “Configure Directory Partitions”.

If there were multiple domains, and we wanted to filter out an entire domain, we could do this here by unticking the checkbox of the domain we DONT want to sync. This is Domain Based Filtering.
Click the “Containers” button and you’ll be promted for the username and password for AD. Enter the credentials and the AD OU’s are then displayed with check boxes all ticked. 
Unticking these boxes will filter DirSync bu OU. This is OU Based Filtering. 

Next click on “Configure Connector Filter”. Select “User” and then click “New” to create out own User Based Filter.

If we want to create a User Based Filter to filter out a custom group of people, we can use an extensionAttribute to specify if a value is present that this object won’t be synchronized. So all we’d have to do it fill in “NoSync” as below, then populate this value for any users that we don’t want to be synchronized into their user attributes.

Post navigation

❮ Previous Post: Setting up port forwarding on a Sonic Wall router
Next Post: Provisioning an Office 365 Tenant ❯

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Subscribe to our newsletter!

Recent Posts

  • How to implement a lightning-fast ransomware playbook
  • How to achieve defence in depth in your business
  • How to implement a SecOps team phishing response plan
  • How to block an Office 365 Sign-in correctly
  • Microsoft finally patched serious Exchange 0-day over a month old!

Recent Comments

    Archives

    • November 2022
    • July 2021
    • March 2021
    • February 2021

    Categories

    • Cyber Security
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    Copyright © 2023 .

    Theme: Oceanly News Dark by ScriptsTown