Latest revision as of 22:30, 15 November 2023
Azure AD Connect
Azure AD Connect is used to sync on-premises Active Directory domain objects with Azure AD.
This is done using the Azure AD Connect tool.
Because the objects in a hybrid environment are copied into Azure from the on-premises domain, changes to the domain are replicated to the Azure environment.
An important behaviour of AD Connect to note: if you change which objects are selected to sync in AD Connect, it will delete from Azure the objects that are no longer selected. Always sync all objects required in Azure. It is best not to change the synced OUs once the AD Connect tool has been set up and is syncing the domain.
Synced objects in Azure have an ImmutableID (anchor) which links them to the AD object they are syncing to. This link is made after matching the object's UPN (username and email address).
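The anchor link described above can be checked offline when troubleshooting a user that synced to the wrong object. The following is an added example, not part of the original page: the function names and sample users are constructed, and it assumes the source anchor is the on-premises objectGUID (or an ms-DS-ConsistencyGuid seeded from it), which Azure AD stores as a Base64 string.

```powershell
# Added example: hypothetical function names, constructed sample data.
# Assumption: the source anchor is the on-premises objectGUID (or an
# ms-DS-ConsistencyGuid seeded from it), stored in Azure AD as Base64.
function ConvertTo-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # Base64 of the GUID's 16 bytes in .NET byte order
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    param([Parameter(Mandatory)][string]$ImmutableId)
    try { $bytes = [Convert]::FromBase64String($ImmutableId) }
    catch { return $null }                  # not Base64, so not a GUID-based anchor
    if ($bytes.Length -ne 16) { return $null }
    [guid]::new($bytes)
}

function Compare-SyncAnchor {
    param([object[]]$OnPrem, [object[]]$Cloud)
    $byUpn = @{}                            # hashtable keys are case-insensitive
    foreach ($c in $Cloud) { $byUpn[$c.UserPrincipalName] = $c }
    foreach ($u in $OnPrem) {
        $c = $byUpn[$u.UserPrincipalName]
        # Base64 is case-sensitive, so the anchor comparison uses -ceq
        $status = if (-not $c) { 'NotInCloud'
        } elseif (-not $c.ImmutableId) { 'CloudOnlyNoAnchor'
        } elseif ($c.ImmutableId -ceq (ConvertTo-ImmutableId $u.ObjectGuid)) { 'Linked'
        } else { 'AnchorMismatch' }
        $anchorGuid = if ($c -and $c.ImmutableId) { ConvertFrom-ImmutableId $c.ImmutableId }
        [pscustomobject]@{ UPN = $u.UserPrincipalName; Status = $status; CloudAnchorGuid = $anchorGuid }
    }
}

# Constructed sample data standing in for exported AD and Azure AD user lists
$alice = [guid]'11111111-2222-3333-4444-555555555555'
$bob   = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee'
$onPrem = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'; ObjectGuid = $alice }
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com';   ObjectGuid = $bob }
    [pscustomobject]@{ UserPrincipalName = 'carol@example.com'; ObjectGuid = [guid]::NewGuid() }
)
$cloud = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'; ImmutableId = (ConvertTo-ImmutableId $alice) }
    # bob's cloud object carries the anchor of a different AD object (mismatch case)
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com'; ImmutableId = (ConvertTo-ImmutableId ([guid]::NewGuid())) }
)
Compare-SyncAnchor -OnPrem $onPrem -Cloud $cloud | Format-Table -AutoSize
```

An AnchorMismatch row means the UPN matches but the cloud object is anchored to a different AD object; CloudAnchorGuid shows which objectGUID it points to.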
Force Sync of Azure AD Connect
To force an AD Connect sync, run one of the following PowerShell commands:
For a normal delta sync (only syncs changes):
- Start-ADSyncSyncCycle -PolicyType Delta
For a full sync (not needed in most cases):
- Start-ADSyncSyncCycle -PolicyType Initial
Fix Sync Issues
Check this article for resolving mismatched users that were synced incorrectly:
https://www.amorales.org/2019/05/fixing-office-365-azure-ad-sync-issues.html