Product Documentation

Synchronize Exchange contacts and distribution groups in a remote domain

Jun 05, 2015
Updated: 2013-04-30

You can configure AD Sync to monitor changes to Hosted Exchange contacts and distribution groups that are created in a remote domain through Services Manager. You can also disable AD Sync for specific contacts and distribution groups so you can modify them through the control panel.

When a contact or distribution group is created, an object identifier is assigned automatically. For contacts, the identifier is the objectGUID. For distribution groups, the identifier is the objectSid. The AD Sync client provides these identifiers to Services Manager, which uses them to display synchronized items in the control panel. By default, these object identifiers are stored in extensionAttribute12 on the primary domain. If another application is using extensionAttribute12 to store other values, you can modify the Sync Object Id setting in the Hosted Exchange service settings to specify a different extension attribute (Configuration > System Manager > Service Deployment > Hosted Exchange > Service Settings, Customer category, under Extension Attributes).

To enable synchronization for specific contacts and distribution groups

To configure AD Sync to synchronize contacts and distribution groups, you add the contacts and distribution groups you want to synchronize to appropriate groups that will be included in the AD Sync client's inclusion filter. The AD Sync client monitors the Windows Event Log for changes to these items and synchronizes the included groups accordingly.
Note: When contacts are added or removed, the AD Sync client does not synchronize these changes automatically as they are not reflected in the Windown Event Log. To ensure changes to contacts are synchronized, you must force the AD Sync client to synchronize. For more information, see To force synchronization of changes to contacts in Active Directory groups.

To disable synchronization for specific contacts and distribution groups

Synchronized items such as contacts and distribution groups are displayed in the control panel as read-only items. If you want to modify a synchronized contact or distribution group, you disable AD Sync for the item and then remove the item from Active Directory group being synchronized. Disabling AD Sync removes the object identifier from the item's custom attribute and makes the item editable.
Important: If you disable AD Sync for a contact or distribution group and make changes through the control panel, those changes will be lost if you re-enable AD Sync later.
  1. From the Services Manager menu bar, click Services > Exchange > Contacts or Distribution Groups.
  2. Select the contact or distribution group for which you want to disable synchronization.
  3. Click Disable AD Sync and then click Close.
  4. On the remote domain controller, launch Active Directory Users and Computers and locate the group that contains the contacts or distribution groups that are no longer being synchronized.
  5. Right-click the group and select Properties.
  6. On the Members tab, select the contacts or distribution groups you want to remove and click Remove. Click OK.

To re-enable synchronization for specific contacts and distribution groups

  1. In the remote domain, locate the object identifier for the contact or distribution group.
  2. On the primary domain, add the object identifier to the item's Exchange custom attribute.
  3. Add the item to the appropriate group that is included in the IncludeGroups setting in the ADSync.exe.config file.