DirSync with password sync now available

Today the latest build of the Microsoft Active Directory synchronisation tool (DirSync for Windows Azure Active Directory / Office 365 has reached  General Availability. This latest build makes available password synchronisation – a feature which has been requested for quite a long time (since BPOS days).

While password synchronisation has been available for Live@Edu customers using PCNS Office 365 customers have had to either resort to 3rd party utilities such as those created by MessageOps or SADA Systems, or deploy Active Directory Federation Services (ADFS).

Unfortunately both of these have had a cost associated with them which can sometimes be prohibitive to organisations so the ability to have password sync as part of DirSync is fantastic.

What does the availability of password sync mean for those with 3rd party or ADFS solutions in place? They can continue to use them, or if they like de-provision them to step back to use DirSync with password sync.

Some of the key points around using the updated DirSync with password sync:

– passwords are sent as a hash to Office 365 / Windows Azure Active Directory – it IS NOT possible to convert the hashed password to plain text

– the old DirSync must be uninstalled before you install the new bits

– DirSync still works on a 3 hour schedule, however passwords changed in Active Directory are replicated to the cloud within minutes

– password sync will not synchronise passwords for federated identities

– the password complexity is defined by YOUR Active Directory

– by default passwords set in Office 365 by DirSync are set to never expire (however the AD password can expire and as such will update the Office 365 password when a user changes is)

– administrators can use PowerShell to change a cloud password

 

How do you enable password sync? Very easily:

1. Install the latest Windows Azure Active Directory sync tool

2. Select the option to enable password sync

3. You’re done! 

If you are already using ADFS / SSO and would like to convert from a Federated user to a Managed user so as to leverage password sync there is a process to be done however there are some considerations to keep in mind. More on that soon!

More information can be found in the Windows Azure Active Directory section of TechNet.

Happy syncing!

Back to the future, with SkyDrive

Microsoft has been making great efforts to make SkyDrive more feature rich and available on virtual every platform – mobile, tablet, PC, Mac, and tightly integrated into Windows 8 and Windows Phone.

The 7GB provided by free is greater than most other free equivalents, so when you factor that in it’s a fairly amazing solution.

However this is not a blog piece or comparison about SkyDrive or its competitors.

Only a few days ago Microsoft announced the general availability of Office 365 for Education – replacing the former Live@Edu service which was built on a combination of the Windows Live platform, Exchange Server 2010, and a variety of other components.

Key among the Live@Edu attractions for educational institutions was the SkyDrive component – as it gave them a way to finally be rid of network home drives and ultimately being responsible for student files.

Unfortunately the SkyDrive portion is no longer available in the updated offering, being replaced with a 500MB My Site as part of SharePoint Online. This is a far cry from the 7GB that SkyDrive offers – so what are schools and universities to do given that common student home drives are usually 1-2GB in size.

Along comes the latest offering from my company Xstran DirSync for SkyDrive.

In simple terms – it brings back a key feature of the Live@Edu offering: the ability to connect SkyDrive accounts to Active Directory.

Currently in beta, Xstran is currently taking expressions of interest as I expect the tool to hit general availability in early July.

Any schools or universities taking up Office 365 but wanting to provide students with their own cloud storage using the same identity – this is the tool for you!