news and know-how about microsoft, technology, cloud and more.

Delegate365 changelog version 7.2-additional sync rules and more

With Delegate version 7.2 there come some new and useful features especially in the sync rules. See the details described here.

  • Sync Rules: Groups OU-assignment by new name rules: All group rules now offer additional options in the Property dropdown allowing to assign a group to an OU by its name. To get the OU name out of the group name, the OU name must be the prefix of a name and a predefined separator must be used. The options include the following separators: [space] , [underscore] _, [hyphen] -, [point] ., and [slash] /.
    To clarify the mechanism, the options show a sample. So, if a group Display Name is set to "New York_Group", the sync rule strips down by the separator "_" and uses "New York" as OU name and "Group" as group name. So, group "Group" is automatically assigned to OU "New York".
    Take care when using a normal space character as separator: Then, the OU name can only be one word, for example: "New York Group" would result in an OU "New" and the group name is "York Group". As workaround, the OU-name could be named with a hyphen "New-York" or similar.
    That's the purpose, to use a Display Name for automatic OU-assignment instead of object properties. Now, admins can use this feature additionally if needed for the following objects: Distribution Groups, Office 365 Groups, Contacts, Resources, Shared Mailboxes and Security Groups as marked red in the following screenshot.
  • Sync-Rules: Automatic OU-assignment to OU "None": The same object types enumerated above, now offer a new, powerful switch: Assign unassigned groups to OU "None".
    Imagine, you define a rule for Office 365 groups that they are assigned to an OU in Delegate365 automatically, based on a property as CustomAttribute13 as shown below. All Office 365 groups with that property filled will be assigned to the corresponding OU. But, if there is no value filled in CustomAttribute13, a group will not be assigned to any OU.
    (Of course, Portal Admins already could manually assign objects to a specific OU in the administration / organizational units / assign module - and this still is an option.) Now, if Assign unassigned groups to OU "None" is set to Yes, all groups that are not assigned after all sync rules have been executed, will be automatically assigned to an OU with the name "None".
    So, if there are groups without an OU-information in Delegate365, they will be assigned to OU "None".
    If that OU "None" is not already existing, it will be created automatically. There is no automatic administrator assignment in place, this must be done manually later if needed. The OU-name cannot be configured and is always "None". But, since OU "None" is normal OU, the name can be changed anytime. In that case, a new OU "None" would be created if one of these switches is set to yes and if there are objects to be assigned to "None".
    This switch simplifies the OU assignment, so that all Office 365 objects are automatically visible in Delegate365, even if they don't match any sync rules. Later, Delegate365 Admins can decide what to do with these objects and manually assign them to another OU or set any properties or define any rules.
    By default, the new switch Assign unassigned groups to OU "None" is always set to No and there are no changes to existing configurations - it's an additional setting that can be used if it makes sense for your organization.
  • Sync-Rules: new description: To match with the new functionality, the sync rules description has been extended to describe all possible features in this module.
  • OU-Import: When talking about OU management, there's now a new module in administration / organizational units / import ou's that allows to import OU's from a CSV file.
    The downloaded sample file consists of a simple list of names that shall be imported as shown here: one OU in one line.
    With Upload, this file can be selected, uploaded and then imported.
    If the import was successful, the list below shows the status. If an OU was already existing, a status "OU already exists" is shown, otherwise "success". This feature is helpful if an organization exports their extensive OU-list from their local Active Directory and wants to use these names as OU's in Delegate365 easily. As usual, the OU's can be renamed in manage OU's. Don't forget to assign admins to the new OU's afterwards in manage administrators.
  • Sync operations: new behavior: Running a manual sync is used very rarely and can take some time, depending on the tenant size and operations The following screenshot shows the old behavior (up to version 7.1). When the Sync button was clicked, the Progress box below showed the sync-progress at the bottom of the sync operations page.
    We removed the Progress box. Instead, there are now two buttons for triggering the sync operations:
    Start AAD sync starts a new sync operation. The new Start MFA job allows to explicitly run only the MFA sync operation defined in the sync rules.
    If a Portal Admin triggers a sync job, he needs to confirm the operation and a toast notification pops up as visual validation. The sync runs in the background.
    As before, the result is shown in the Sync history. Now there's a Refresh button to check for the latest updates manually.
    With refresh, the sync history list gets updated and there's no need for reloading the page oneself.
    The module description was moved into a box on the top as well.
  • Sync operation: (Now) there can only be one! Another reason for changing the behavior was to avoid that admins start the manual sync multiple times parallel to the (maybe long time running) automatic sync job. In the past, this could cause issues since the result maybe did not reflect the admin's expectations since there could be multiple sync running and maybe interfering themselves.
    Now, the sync jobs runs only once. If an admin starts a new sync, a message appears that there's already a sync job currently running as shown here.
    In that case, wait till the sync job is finished and retry (or simply wait for the next automatic sync job). The Sync history box is your friend for seeing the current status and the result.
  • Office 365 groups: Hide from address list: An Office 365 group can now be hidden from the address list with the new switch in the general box as shown below.
    By default, Hide from address list is set to No. Use this switch for an Office 365 group if needed.

So, we think the new additions to Delegate365 make sense for many customers. All existing productive Delegate365 tenants will be updated starting by the begin of February. New Delegate365 trials will automatically be available in the latest version. We hope you enjoy the new features of Delegate365!