1. Create and populate the account and properties in Active Directory – Users and Computers(From DC or Net-19)
- Expand the “htop.org” tree --> Expand the “PROGRAMS” tree
- Find the Program (ex: RetirementServices --> Commons) and right-click
- Click “New” --> “User”
d. Enter the user’s First Name, Last Name and Logon Name (First Name + Last Initial; if there is already a user with that Logon Name, go the Disabled Users OU and check to see if this is the same person, only rehired. You may have to reach out to PeopleOps to make sure; if it is a brand new user, use the two letters from their last name).
e. Use default password of “Abcdef” followed by the last four of their social. Always require password change on login.
f. Find the newly created user in the OU you selected for “New User”. Double-click to open the User’s properties menu.
- Enter the OU you entered the user into on the “Office” field (usually something like Commons, Fountains, Property Services, etc.)
- Ensure you fill out the “E-Mail” field on the “General” tab. This is critical for many of the automated scripts we run to operate correctly.
g. On the “Profile” tab, create the user’s H:\ drive(Homefolder) by selecting H: from the dropdown and typing: \\htop.org\homefolders\office_location\%username% in the To: field.
h. Don't enter any information on the "Organization" tab, an automated script will enter this information by pulling from UltiPro.
i. In the “Member Of” tab, add the “Default_DomainUsers” to all new users as well as all the permissions the user needs for files and other groups. You may need to reach out to their supervisor for this information. You can also check someone else's account with the same job title and location as the new employee.
2. Wait up to 30 minutes for Azure AD Sync to synchronize the new user to the cloud M365 environment. Once you can see the new user in “Active Users”, the user can now be assigned licensing.
a. From the M365 Admin Center, navigate to the Azure Active Directory Admin Center
b. Locate the "All Services" tab on the left menu bar, then select "Groups". If you'd like to bookmark this service to the main left toolbar, click the "star" on the right of the service name.
c. Search all groups for "M365" which will display the license groups. The primary ones you should be paying attention to are "M365_Frontline_Users" and "M365_Desk_Users".
d. For now, the only group you should be adding users to for licensing is the "M365_FroneLine_Users" group. This will grant them the standard "F3/E2" apps and licenses they already have. In the future, we will be using this feature to manage more than one license group. You can add members by clicking "Members" then "Add Members". You can remove members (terms) by searching for the user and selecting "Remove":
e. Let the system sync for a few minutes then check the user's licensing in the M365 Admin Center to make sure they get a mailbox assigned and that the licenses are applied correctly: