Yammer Directory Sync
Audience and Requirements
Audience:
Yammer’s Directory Sync module is targeted at system administrators.
Implementing the Yammer Directory Sync Module Requires:
•
•
•
•
•
•
•
•
2
Supported architectures: x86, x64, and ia64
Supported operating systems: Windows Server 2003, 2008 and 2008 R2
Hardware: 2 gigahertz (GHz) or higher CPU, 4 gigabytes (GB) or more RAM
Microsoft .NET Framework 4.0
Port open to the Internet: 443 HTTPS outbound to *.yammer.com
Ports open to your internal servers: 25 or 587 (SMTP)
Ports for Active Directory Domain Services (AD DS): 389 by default, 3268 if global catalog in
use
Active Yammer service account
Topics and Learning Objectives
This deck covers the following topics about Yammer’s Directory Sync module:
•
•
Automating user provisioning in your Yammer network with Directory Sync.
Using AD DS with the Directory Sync module to add, update, or disable users in Yammer.
After completing this course, you will be able to:
•
•
•
3
Describe the Directory Sync integration and its benefits.
Create a Yammer Service Account that will be used across various integrations.
Complete a Directory Sync rollout plan.
Directory Sync Overview
What Is Yammer Directory Sync?
Directory Sync synchronizes your AD DS with Yammer to automate the provisioning
and deactivating of users. Here’s how:
5
•
On a regular schedule, the Directory Sync utility will run a
lightweight directory access protocol (LDAP) query against your
directory sources that returns accounts that have been modified
since the last successful sync.
•
The utility then connects to your Yammer network via a Yammer
service account and sends a payload of instructions to add,
suspend, and update users according to the changes that occurred
in your AD DS.
Benefits of Yammer Directory Sync
Directory Sync makes it easy to manage your users’ accounts through automation:
•
Directory Sync will automatically invite users to your Yammer
network when they are added to AD DS.
•
Directory Sync will automatically update a user’s Yammer profile
fields when an applicable attribute is updated in the user’s Active
Directory record.
•
•
6
For example, if you were to change a user’s name in Active Directory,
Directory Sync would then automatically make changes to the user’s
Yammer profile.
Directory Sync will automatically remove a user from your Yammer
network when the user’s account is disabled in AD DS.
Directory Sync Installation
and Configuration
Preparing for Yammer Directory Sync
Below is a summary of the Directory Sync integration process:
Create and
Configure a
Service
Account
8
Fill Out
Checklist and
Planning
Template
Install Directory
Sync
Configure
Directory Sync
Creating a Yammer Service Account
Create a Yammer Service Account using the steps below:
9
1.
Create a new secure email inbox. For example:
“yammerdsync@companyname.com”
2.
Open a browser and navigate to www.yammer.com.
3.
Submit the email address from above in the signup field.
4.
Check the inbox, and then click the activation link received from
Yammer.
5.
Set a Yammer password and proceed through the standard
Yammer signup flow.
6.
Have an existing Yammer verified administrator user upgrade your
newly created Yammer service account to verified administrator.
Service Accounts for SSO Networks
A temporary password is required to configure service accounts on SSO-enabled
Yammer networks. Use the following steps to acquire one:
1.
In a web browser, log in to Yammer using your Service Account credentials
through SSO by visiting https://www.yammer.com/yourdomain.com.
To avoid being automatically logged in as another user, use a private
browsing session or clear your browser cookies.
10
2.
Click Apps from the top navigation.
3.
Under All Apps, switch to the Yammer tab.
4.
Click on Desktop.
5.
SSO instructions are displayed, including the email address and temporary
password. Enter these credentials on the configuration screen of your
Yammer integration. The password is valid for 15 minutes.
The Directory Sync Rollout Checklist
The Yammer Directory Sync Rollout Checklist will help you prepare for the
Directory Sync rollout in your organization.
You can find it the checklist on the Directory Sync section of the Yammer Success
Center.
Here’s what you will need to know in order to fill the checklist out:
•
•
•
•
11
Information regarding the number of email domains in your AD DS.
Credentials for a Yammer-verified administrative service account, and an Active Directory
service account.
Information about business rules and software installed on your Active Directory domain
server.
The server name, port number, and login credentials for the SMTP server.
Directory Sync Installation Overview
Below is a summary of the Directory Sync installation process, detailed in the next
few slides:
Install the
Directory Sync
files
12
Adjust Your
Network
Settings
Connect
Directory Sync
to Yammer
Connect
Directory Sync
to Active
Directory
Enable
Synchronization
Install the Directory Sync files
You can find the Directory Sync setup files on the
Yammer Success Center here. After you download
them, you should:
1.
Copy the Directory Sync setup files to your
server.
2.
Run the setup file.
3.
Choose an installation location, and then click
Install.
13
Connect Directory Sync to Yammer
1. Adjust Your Network Settings
The Directory Sync (DSync) application needs to reach
yammer.com. Please adjust your network’s proxy and
firewall settings until the utility can access yammer.com.
2. Connect the DSync Utility to Yammer
Provide the email address and password for your
Yammer service account. If your Yammer network is
single sign-on (SSO) enabled, follow these steps:
•
Use a browser to sign into your Yammer network.
•
Click on Apps, then click on a mobile app (such as
Android).
•
Use the email address and temporary password
shown to authenticate Directory Sync.
14
Connect Directory Sync to AD DS
3. Connect the DSync Utility to AD DS
Connect the DSync utility to directory sources in your
Active Directory forest. The default port can be changed
using the following syntax: hostname:port)
4. Validate your DSync Connections
After entering the setup details, the configuration wizard
will validate your settings by showing you what a
synchronization would look like.
•
Active accounts will be created or updated in Yammer.
•
Inactive accounts will be suspended in Yammer.
•
Invalid accounts will be ignored due to invalid
characters found in the user’s email address.
15
Enable Synchronization
5. Configure Email and Enable Synchronization
Before you enable syncing, you must configure email
settings used to send a notification email if Directory
Sync encounters a problem. After you configure the email
settings, click Enable Sync.
The DSync utility will now query your Active Directory
system on a regular schedule and add, update, and
suspend users as appropriate.
16
Learning Review and
Additional Resources
Learning Review
In this deck we provided information covering:
•
•
•
The benefits of integrating Active Directory with Yammer.
An overview of Yammer’s Directory Sync installation process.
The next steps you will need to take to implement Yammer’s Directory Sync module.
With this information, you should be able to:
•
•
•
18
Create a Yammer Service Account that will be used across various integrations.
Complete a Directory Sync rollout plan.
Describe the Directory Sync integration and its benefits.
Additional Resources
You can find resources for installation of Directory Sync and additional information
on the on the Directory Sync section of the Yammer Success Center.
The following documents are included on the site:
•
•
•
•
•
•
19
Yammer Directory Sync Install Files
Yammer Directory Sync Install Guide
Yammer Advanced Configuration Guide
Yammer Directory Sync Rollout Checklist
Yammer Directory Sync Upgrade Checklist
Yammer Directory Sync Export User Guide