|
Microsoft 365 Multi-Geo addresses data residency requirements set by local laws and policies by allowing organizations to control where their data is stored. Administrators can provision and store data at rest in either the central location or satellite locations, including end user’s Exchange Online Mailboxes, OneDrive for Business, Team and SharePoint Online data. This quick start guide describes how-to setup Synchronization between your Multi-Geo Microsoft 365 tenants. To set up On Demand Migration Directory Synchronization between your tenants, source objects must be either matched to existing objects or created as new objects in the target environment. In this guide: Directory Sync Requirements Setting up On Demand Migration for Directory Sync Preparing Multi-Geo Objects Synchronizing Multi-Geo enabled Objects Validating Synchronization Results Frequently Asked Questions Directory Sync RequirementsClient is licensed for On Demand Migration Directory Sync Microsoft Entra ID Application Account An account with Global Administrator Role is required to grant permissions and establish connection when adding a Cloud Environment. Microsoft Entra ID PowerShell Accounts Two (2) PowerShell accounts are automatically created to read and update objects in the cloud. To do this an OAuth token is used from the account used to add the Cloud Environment. These PowerShell accounts do not require any Microsoft 365 licenses. Exchange Administrator, Teams Administrator and User Administrator roles will be added for these PowerShell accounts. Setting up On Demand Migration for Directory Sync
This chapter describes how to set up the On Demand Migration Directory Sync, setup the sync template and configure the Directory Sync workflow. In this chapter: Adding Microsoft 365 Tenants to On DemandThis section describes how to add Microsoft 365 tenants and configure a Migration project using On Demand Migration. During project setup, an Office 365 Global Administrator account is initially required to add each tenant to the project. Follow these steps to add each Microsoft 365 tenant for On Demand Migration. If there is an existing tenant from another project, it can be reused. Log in to Quest On Demand. Navigate to Tenants. Click the Add Tenant. On Demand supports both Commercial and GCC High tenants. For the purpose of this guide, choose Add Commercial or GCC Tenant and click OK. Log in to Microsoft 365 with a Global Administrator account for the source tenant. Accept the requested Application Permissions. Click Finish. Repeat steps 2 – 8 for the target tenant. Setting up the Directory Sync EnvironmentsFollow these steps to setup the Directory Sync Environments. Log in to Quest On Demand. Navigate to Migration. Create a new migration project by clicking Create Project. Provide a migration project name and select the source and target tenant in the project wizard and click Save and Continue.This section provides a step-by-step guide on how to configure the Directory Sync Template. Log in to Quest On Demand. Navigate to Migration, and open your project. Click the Directory Sync icon. Click the Templates link via the hamburger menu.This section provides a step-by-step guide on how to deploy and configure the Directory Sync Workflow. Log in to Quest On Demand. Navigate to Migration, and open your project. Click the Directory Sync icon. Click on New under Workflow to open the workflow wizard. Enter the workflow name and click Next. Select the environments and click Next. Select One Way Sync and click Next. The workflow wizard will have four(4) workflow tasks pre-selected, they are Read, Match, Stage and Write. We will need to configure all 4 tasks. Read – Select the environments from which you wish to read the objects. Match – This is the step where you will decide how to match existing objects across your Microsoft Entra directories. Matching is conducted by pairing sets of attributes to find corresponding objects. Your two (2) environments may already have some attributes that can be used to find similar objects between the different directories, or you may need to populate some to ensure accurate matching. For a successful Directory Synchronization, it is most important that existing objects are correctly matched. For the purpose of this guide, DisplayName and Name will be used for matching.
This chapter describes how to configure multi-geo enabled objects. Setup a multi-geo test user in the source tenant, we will configure the object in Japan Azure Region. Create a user in the source tenant (example, ODMADMEU1), and set the PreferredDataLocation(PDL) value to “JPN”.
Get-MsolUser -SearchString ODMADMEU1 | set-MsolUser -PreferredDatalocation JPN
get-mailbox ODMADMEU1 | Format-List DisplayName, Database, MailboxRegion
Set-UnifiedGroup -Identity ODMADGEOGrp -MailboxRegion EUR To find out how to enable Multi-Geo capabilities in your Microsoft 365 Tenant, see the Microsoft article Microsoft 365 Multi-Geo for more details. (责任编辑:) |
