Office 365 provides various authentication options, such as cloud-IDs, Password Hash Synchronization or federated identities. Leaving out the specifics on how each of these options work, all of them are configured per domain. Whenever trying to access services in Office 365, the user is required to authenticate using its User Principal Name. For sake of simplicity, the general advise it to configure the UPN to match the email address which makes it less confusing for them.
In 2013, Exchange Server MVP Mike Crowley wrote a script which would interactively report on the Office 365 Directory Synchronization tool. In 2014, Mike and I worked to update the script so that an HTML report would be generated. This would allow you to schedule the script and have the output emailed to you without the need to run the script interactively.
Before you can actually run the script, you will have to install SQL PowerShell on the AADSync machine first. DirSync had this installed by default, but it seems that AADSync does not. To install the SQL PS module, you must install the following components separately:
- Microsoft® System CLR Types for Microsoft® SQL Server® 2012
- Microsoft® SQL Server® 2012 Shared Management Objects
- *Microsoft® Windows PowerShell Extensions for Microsoft® SQL Server® 2012
The binaries can be installed from the installation instructions on the following page: http://www.microsoft.com/en-us/download/details.aspx?id=29065
Once you have installed the components, run the following command from the AADSync server and verify that the SQLPS module is listed:
Once you have verified the SQLPS module is installed and available, you can run the script.
Please use the script for what it’s worth, and always test in a lab first. Comments/feedback and feature requests are always welcome!