2

I am looking in to the details of a migration to Office365 - primarily for the use of hosted Outlook capability. I see that the Enterprise plans have "Active Directory Sync", but details seem scarce.

Is it possible to sync an independent LDAP server (such as Apache Directory) up to O365 (I want to keep it separate), or would I need to host a local instance of Active Directory and use that to sync users up to O365?

kez
  • 123
  • 1
  • 3

1 Answers1

0

The short answer is no. Office365's DirSync capability is heavily tied to Active Directory specifically. Even if it were technically possible to hack up a third party LDAP server to behave like AD enough to fool all of the pieces that need to talk to a local AD, it would most certainly not be supported by Microsoft.

Ryan Bolger
  • 16,472
  • 3
  • 40
  • 59
  • Thanks for the answer, Ryan. Would it be feasible to have a local MS AD instance syncing up to Office365 (so I'd have more control over it), and then it gives me more flexibility with authenticating other systems against it, instead of trying to get third party systems to try and AD auth against O365? – kez Nov 30 '12 at 20:27
  • 1
    Just to be clear, the info that gets synchronized with Office365 does not contain passwords; only the info necessary to do Exchange related stuff. When users are authenticating against Office365, it just passes the request back to your on-premise AD via ADFS. So yes, you'll always have a local AD as your authoritative identity source that other applications can use for authentication. Whether those other applications integrate directly with AD or are like Office365 and go through ADFS is specific to the application in question. – Ryan Bolger Dec 03 '12 at 19:49
  • The way things work is very similar to how authentication works with ServerFault and the other stack sites. ServerFault only has enough information from you to have a profile, but it doesn't have your password. It passes login requests to the OpenID provider you have associated with the site (Google, Facebook, etc). OpenID is very much like ADFS. – Ryan Bolger Dec 03 '12 at 19:52