DirectoryLink is a tool used for getting a list of Active Directory users from your on-premise Active Directory and synchronizing it to Smarsh Hosted Services Active Directory. It allows you to update user properties with the information gathered from your Active Directory.
- synchronization is one-way only and all user properties will be overwritten by the values from your in-house Active Directory.
- DirectoryLink overwrites the UPN and Primary email address of the mailbox if your on-premise user UPN is in the email address format and its domain is registered under the Domain Names section of CONTROL PANEL.
- Passwords synchronization occurs only during the password reset operation. As a result, any existing user passwords that were set prior to installation of the DirectoryLink service will not be synchronized. Please instruct your users to reset their passwords after DirectoryLink service installation. If some of your passwords are not being synchronized, please make sure that DirectoryLink service is deployed on all domain controllers in the forest with the same DirectoryLink user name and password on all domain controllers.
Download an installation package suitable for your domain controller operating system (x64 or x86) from CONTROL PANEL > Services > DirectoryLink > Instructions. DirectoryLink version 2.5 and later will perform automatic updates after it is installed on domain controllers in your organization. Read the Knowledge Base article on Updating DirectoryLink for more information about automatic updates.
Follow the installation guide. DirectoryLink must be installed on all domain controllers in the Active Directory forest. Mailboxes/users in the CONTROL PANEL should be linked with users from your in-house Active Directory in order to get synchronized. You can use Autolink feature available in CONTROL PANEL > Services > DirectoryLink > Unlinked section.
- Windows Server 2003 Service Pack 2, Windows 2008 R2 Server Core or later.
- NET Framework 3.5 with SP1.
- Outbound network connection must be opened on port 443 (SSL). If you receive the error message “Cannot access remote DirectoryLink service” during installation, please verify that you can access https://controlpanel.serverdata.net.
Username and password for installation can be found in CONTROL PANEL under Services > DirectoryLink > Instructions. Please have your DirectoryLink username and password ready before installing this product.
We strongly recommend that you limit the scope of synchronization by providing the distinguished name (DN) of the parent organizational unit (OU) that contains all objects enabled for synchronization. The synchronization scope must be an OU within your Active Directory domain.
- Log in to a domain controller using an account with Domain Administrator and local Administrator privileges.
- Verify installation requirements and install necessary prerequisites.
- Setup must be executed using administrative credentials. Right-click setup.exe and click Run as Administrator.
- Proceed with the installation until the DirectoryLink Service Configuration screen appears.
- Enter the User Name and Password that were obtained from the DirectoryLink > Instructions page.
- Click the Browse button to select the synchronization scope.
- Click OK to complete DirectoryLink service configuration.
- Server reboot is required for the service to work. Please reboot the server.
- Once the server is rebooted, the DirectoryLink service will start synchronizing Active Directory objects. Please note that it may take up to 30 minutes to synchronize, depending on the size of your Active Directory.
- In order to synchronize passwords of your Active Directory users, it is also required to reset them afterwards as the DirectoryLink service catches new passwords only during the password update operation.
- If you receive the error message "Cannot access remote DirectoryLink service" during installation, please verify that you can access the https://controlpanel.serverdata.net URL from your local machine. Outbound connections on port 443 must be opened to this URL.
Note: starting with version 3.0, check the following URL as well:
- If you are getting red X with no error message when running setup.exe, try .msi installer. The problem may occur on Terminal services or any other workstation where running setup executables is restricted.
- If you receive the error message "Password is incorrect", verify that you entered the correct password and that domain controllers match all requirements above. If the problem persists, check the local time on the domain controller and ensure that it is synchronized with a valid time source and that it is not out of sync.
- Critical service errors are written to the local server Application event log. Please monitor events from the DirectoryLink Service source.
- If you submit a support case, please include msinfo32 information. On each domain controller, go to Start > Run and type msinfo32. In the System Information window, click File > Save and save it as an .NFO file.
Read the Knowledge Base article on Troubleshooting DirectoryLink for more information.
After installation, the software works as a system service and synchronizes all OU changes.
- If a user's UPN is not in the email address format, it will not be synchronized.
- The domain of the UPN must be added to the Services > Domains section.
Link existing mailboxes with one of your users OR use Autocreate feature. The interface can autolink mailboxes and users by UPN and Display Name. Linked mailboxes show the text (linked) in the display name column at Services > Mailboxes. For mailboxes that are already linked, the information on the General tab in the mailbox properties becomes read-only (you can view it if you click the mailbox's Display Name). You will not be able to modify any user information; all changes should be done in the local Active Directory.