Quick Start Guide

Note: It can take up to 15-20 minutes from the time you start the Azure VM until the installation completes. Please provide the required time before performing the steps below.

The DayOne configuration includes the following steps:

  • Creating an application in Azure

  • Basic configuration

  • Optional - Creating a certificate that matches your server FQDN

Creating an application in Microsoft Azure


1. Sign in to your Microsoft Azure account: Azure portal

2. Select Azure Active Directory

3. Select App registrations

4. Select New registration

5. Create a web application and fill in https://Server.FQDN in the Redirect URI section

6. Copy the Application ID from the Overview tab

7. Select Authentication

8. In Advanced Settings section select (check) ID tokens.

If you do not wish to install the Sync Service click on the Save button. Else, continue without clicking Save.

Note: The following is configuration for the DayOne On-Prem Sync Service. If you are not setting the Sync Service continue to Basic Configuration section.

9. Check also the Access tokens

10. Select API permissions

11. Select Add permissions

12. Select APIs my organization uses and search for Microsoft Graph

13. Select Microsoft Graph

14. Select Application permissions

15. Select User.Read.All

16. Select Grant admin consent for <YourAppName>

17. Select Certificates & secrets

18. Select New client secret

19. Enter description and select expiration

20. Copy the secret value

21. Create Organizational Unit in Active Directory to create the users in, copy it’s distinguishedName.

22. Exclude this Organizational Unit from Azure AD Connect Synchronization.

23. Create administrative account with permissions to create/delete/modify users in this Organizational Unit.

24. Start the installation: "DayOne On-Prem Sync Service Setup.msi"

25. In the Set Service Login insert the credentials for the user created in step 23.

26. Edit the service configuration file located in "C:\Program Files (x86)\DayOne Write Back Service\DayOne On-Prem Sync Service.exe.config".

27. Set the following:

28. Service Events in Event Viewer:

Events source “DayOne Write Back Service”

Basic Configuration


1. Use a JavaScript enabled browser and browse to your DayOne server: https://Server.FQDN

  • You should see the following page:


2. Fill in your tenant domain and the application ID (that you have copied in a previous step)


3. Wait 1 minute and then refresh the page

  • You should be redirected to Microsoft Azure Active Directory and will be required to authenticate


4. Once authenticated, you should see the following DayOne dashboard page

5. First configure the Admins

  • Click on the “hamburger” menu (Top-Left) and select Admins

  • Press the + sign and fill the admin information

6. An optional step is to change the web application certificate to one of your own

  • Go to Settings in the “hamburger” menu

  • Prepare a PKCS#12 .pfx certificate file

  • Input the private key password

  • Press CHANGE and upload the certificate

  • Wait 1 minute for the update process to complete before refreshing the page

7. Go to Tenants and configure the tenants you would like to sync objects with (From or To)

  • The user that will be configured in this section requires the following permissions:

  1. In Microsoft Azure:

2. In Exchange online:

  • Fill in the tenant and user’s details (following is only an example)

8. Go to Connectors

9. Click the + sign in the Connectors section

  • Trusted Tenant – Sync users from this tenant

  • Trusting Tenant – Sync users to this tenant

  • Active – Enable/Disable the sync operation for this connector

  • Member[On] Guest[Off] – Whether synced users will be created as “Guests” or as “Members” in the target tenant

  • Deletion Enabled – Should users be deleted in the target tenant in case they are deleted in the source tenant (only users that were created by the connector will be deleted by it)

  • Deletion Threshold – If the number of users to be deleted are above this threshold no deletion will occur and a warning will be issued (0 is no limit)

  • Display Objects – Enable/Disable displayed synched users in the address books of the target tenant

  • Display Name – Should display name be synced as is or changed according to organization policy

  • Display Name Suffix – Will be added to all synced users in destination tenant

10. Each connector has inclusions and exclusions of its own. You can import list of emails into each of these using a text file that contains email address per line

  • Exclusions – Users in this list will not be synced, if they have already been synced by this connector they will be deleted (if deletion is enabled and the number of objects to be deleted is within the threshold)

  • Inclusions – If this list contains users, only those users will be synced, if this connector synced other users they will be deleted (if deletion is enabled and the number of objects to be deleted is within the threshold)

dayOne logo transparent.gif

Tel: 972-4-8211988

Khalamish 14, Industrial Park, Caesarea, Israel