The second performance is doable utilizing the Sync-O365Contact command. It’s kind of completely different in what it does, because it makes use of the ExchangeOnlineManagement PowerShell module to synchronize contacts between tenants. The method is a bit completely different as a result of we have to contact Tenant A utilizing Microsoft Graph API however then synchronize these customers/objects as contacts to Tenant B.
At present, the Supply objects to synchronize are objects supplied by Get-MgUser. Nonetheless, offering performance to synchronize objects from Energetic Listing, Trade, and even exterior programs needs to be doable if there is a want for that.
# Supply tenant (learn solely) $ClientID = '9e1b3c36' $TenantID = 'ceb371f6' $ClientSecret="NDE8Q" $Credentials = [pscredential]::new($ClientID, (ConvertTo-SecureString $ClientSecret -AsPlainText -Power)) Join-MgGraph -ClientSecretCredential $Credentials -TenantId $TenantID -NoWelcome $UsersToSync = Get-MgUser | Choose-Object -First 5 # Vacation spot tenant (writeable) $ClientID = 'edc4302e' Join-ExchangeOnline -AppId $ClientID -CertificateThumbprint '2EC710' -Group 'xxxxx.onmicrosoft.com' Sync-O365Contact -SourceObjects $UsersToSync -Domains 'evotec.pl', 'gmail.com' -Verbose -WhatIf -LogPath 'C:TempLogsO365Synchronizer.log' -LogMaximum 5
This command works a bit in a different way when synchronizing customers. You present customers to synchronize but additionally state from which area these customers are. As soon as the ability begins working, it expects to regulate customers from these particular fields. If customers created in your goal tenant aren’t on the listing supplied, these contacts shall be deleted. In the event that they exist in supply, they will get up to date. Primarily the command assumes full management in including, eradicating or updating contacts for given domains.
It is important to reiterate! These contacts shall be eliminated if in case you have contacts within the goal tenant that aren’t on the supply lists for given domains. For the sake of train, if I inform it to synchronize the primary 15 customers however skip the primary 5, the output will present that we’re including some new customers, however on the identical time, we attempt to take away people who exist already.
$UsersToSync = Get-MgUser | Choose-Object -First 15 -Skip 5
In fact, I am displaying one-way sync, however nothing stops you from reverting instructions, getting customers from the goal tenant, and pushing them to the supply tenant. I’d count on, nevertheless, that this is able to be achieved in one other script by the admin of the second tenant, however in principle, you would simply run it in a single PowerShell script.
The next permissions are required on the supply tenant to make use of this performance:
- Consumer.Learn.All – to learn customers
On the right track tenant, it’s best to use:
- Trade.ManageAsApp – to learn/write contacts in Trade (keep in mind so as to add software to Trade Recipient Administrator position)
