Skip to main content
CallTower Solutions Center

Hosted Skype Federation Issues to Office 365 Skype for Business When Using AzureAD Connect

  1. Last updated
  2. Save as PDF

Issue:

When a customer is using AzureAD Connect to sync their on-prem AD to AzureAD, they'll need to make the configuration changes below to ensure that federation from Calltower's hosted Skype for Business service to Office 365 provided Skype for Business services works.

Please consult with Tier 3 or SFB Engineering prior to telling the customer to make these changes.

PrerequisitePlease make sure this is completed below prior to making the rule in Azure AD Connect

Make sure the Proxy addresses from the on-prem AD are set to sync to Office 365, and the proxy address list should include the hosted Skype for Business SIP address (i.e. SIP:bbrown@abc.com)

Open the proxyAddresses attribute in Attribute Editor for the user

proxy1.png

Add the SIP alias in the Value to add field (this should match the same username as the Skype for Business account)

proxy2.png

Click the Add button and then OK

proxy3.png

 

Admin access to the on premise server running Azure AD Connect.

All users that need to have changes provisioned in Skype Online need to have their Skype Online License Enabled until the new SIP Address is in place. 

  • Once the the Skype Online account has been provisioned with the updated SIP Address the Skype license can be removed again.

Resolution:

The changes below should be made in Azure AD and not in the on-prem environment.

  1. Open the Synchronization Rules Editor (As Administrator) on the Azure AD Connect sync server. 
    • 1.png
  2. Select Outbound from the Direction drop-down box
    • 1a.png
  3. Click on Add new rule clipboard_eab1b33216ae574c328765e362061462a.png
    • Name – “Out to AAD – User SipAddress”
    • Connected System – Your Office 365 Azure Active Directory Name which ends in -AAD. (example: domain.onmicrosoft.com -AAD or domain.com -AAD)
    • Connected System Object Type – user
    • Metaverse Object Type – person
    • Link Type – Join
    • Precedence – 99
  4. Click Next
  5. Click Add group
  6. Click Add clause twice
    1. First clause
      1. Attribute – sourceObjectType
      2. Operator – EQUAL
      3. Value – User
    • Second clause
      • Attribute – cloudMastered
      • Operator – NOTEQUAL
      • Value – True
      • 2.png
  8. Click Next twice
  9. Click Add transformations one time
    1. First transformation
      1. FlowType – Expression
      2. Target Attribute – msRtcSipPrimaryUserAddress
        • Source should be a domain added to your tenant which also has DNS entries pointing to Skype Online. (teams.DOMAIN.com is an example).
        • including all quotation marks: "SIP:"&[givenName]&"."&[sn]&"@teams.DOMAIN.com"
      3. Merge Type – Update
      4. clipboard_e4ccda495098a573bf9f25f6b8c391e07.png
  10. Click Save
  11. Close the Synchronization Rules Editor