AzureADConnect

From Piszczynski
Revision as of 22:30, 15 November 2023 by Aleks (talk | contribs) (4 revisions imported)

Azure AD Connect

Azure AD Connect (renamed Microsoft Entra Connect in 2023) synchronises on-premises Active Directory objects (users, groups, contacts and devices) into Azure AD.

This is done by the Azure AD Connect tool, installed on a domain-joined Windows server.

Because the objects in a hybrid environment are copied into Azure from the on-premises domain, changes made in the domain are replicated to the Azure environment on the next sync cycle, and attributes mastered on-premises cannot be edited in the Azure portal. Treat the Connect server as a Tier 0 asset: its AD service account holds directory replication rights when password hash sync is enabled, its Azure AD service account holds the Directory Synchronization Accounts role, and both sets of credentials are stored on that server.

An important behaviour of AD Connect to note is that sync scope changes are not neutral: if you narrow the OU or domain filtering after the initial setup, every object that drops out of scope is deleted from Azure AD (it sits in the deleted users recycle bin for 30 days, but licences, group memberships and sign-in are affected immediately). Decide the scope once, include every OU whose objects are needed in Azure, and avoid changing the synced OUs after the tool has been set up and is syncing the domain. The export deletion threshold (enabled by default, 500 objects) halts the export if a single run would delete more than that; a large unexpected delete count after a filtering change is a signal to stop and check the filter, not to raise the threshold.

Synced objects in Azure carry an ImmutableID (the source anchor), which is the base64-encoded mS-DS-ConsistencyGuid of the on-premises object (objectGUID on older installs). The link is established the first time an object is synced: a cloud object that has no ImmutableID yet is soft-matched on UPN or primary SMTP address; once an ImmutableID is set, only a hard match on that exact value links the two, which is why a wrong or stale ImmutableID produces a duplicate or a sync error rather than a merge.

Force Sync of Azure AD Connect

To force a sync, run the following PowerShell command on the Azure AD Connect server (run Import-Module ADSync first if the cmdlet is not found):

For normal delta sync (only syncs changes)

  • Start-ADSyncSyncCycle -PolicyType Delta

For a full sync (re-reads every object in scope; not needed in most cases and slow on large domains)

  • Start-ADSyncSyncCycle -PolicyType Initial
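The same forced sync wrapped with the checks worth doing before and after it, as an added example that is not part of the original page. It runs on the Azure AD Connect server with the ADSync module the tool installs; the event-log provider names and the 30-minute timeout are assumptions for this example.

```powershell
# Added example (not from the original page): force a sync cycle with sanity checks.
# Run in an elevated PowerShell on the Azure AD Connect server.
Import-Module ADSync

function Invoke-ADConnectSync {
    param(
        [ValidateSet('Delta', 'Initial')]
        [string]$PolicyType = 'Delta',
        [int]$TimeoutMinutes = 30          # assumption: long enough for a delta on most domains
    )

    $sched = Get-ADSyncScheduler
    if (-not $sched.SyncCycleEnabled) {
        Write-Warning 'Scheduler is disabled; a forced run still works, but nothing will sync on its own afterwards.'
    }
    if ($sched.StagingModeEnabled) {
        Write-Warning 'Server is in staging mode: it imports and syncs but never exports to Azure AD.'
    }
    if ($sched.SyncCycleInProgress) {
        throw 'A sync cycle is already running; Start-ADSyncSyncCycle would fail. Wait for it to finish.'
    }

    # The deletion threshold is the safety net against a filtering mistake wiping objects from Azure AD.
    $thr = Get-ADSyncExportDeletionThreshold
    if (-not $thr.DeletionPrevention) {
        Write-Warning 'Export deletion threshold is DISABLED; a scope change could delete objects from Azure AD without stopping.'
    }

    $started = Get-Date
    Start-ADSyncSyncCycle -PolicyType $PolicyType | Out-Null

    # Poll until the cycle finishes rather than assuming it did.
    $deadline = $started.AddMinutes($TimeoutMinutes)
    do {
        Start-Sleep -Seconds 10
        $inProgress = (Get-ADSyncScheduler).SyncCycleInProgress
    } while ($inProgress -and (Get-Date) -lt $deadline)
    if ($inProgress) { throw "Sync cycle still running after $TimeoutMinutes minutes." }

    # Surface any errors the sync engine logged during this run (e.g. a stopped export because
    # the deletion threshold was hit). Provider names are an assumption for this example.
    $errors = Get-WinEvent -FilterHashtable @{
        LogName      = 'Application'
        ProviderName = 'Directory Synchronization', 'ADSync'
        Level        = 2
        StartTime    = $started
    } -ErrorAction SilentlyContinue

    if ($errors) {
        $errors | Select-Object TimeCreated, Id, Message | Format-List
        throw "Sync cycle completed with $($errors.Count) error event(s); review before re-running."
    }
    Write-Host "$PolicyType sync completed in $([int]((Get-Date) - $started).TotalSeconds)s with no error events."
}

# Usage:
# Invoke-ADConnectSync                       # delta
# Invoke-ADConnectSync -PolicyType Initial   # full, only when really needed
```

If the function throws because the deletion threshold stopped the export, do not reach for Disable-ADSyncExportDeletionThreshold first; check the OU filter in the Connect wizard, and only re-enable exports once the pending deletes are the ones you expect.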


Fix Sync Issues

See this article for resolving mismatched users (duplicates, or cloud objects linked to the wrong ImmutableID) after an incorrect sync:

https://www.amorales.org/2019/05/fixing-office-365-azure-ad-sync-issues.html
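The hard-match fix described in the ImmutableID section and in the linked article, as an added example that is neither the page's nor the article's code. It computes the anchor Azure AD Connect would write for an AD user (mS-DS-ConsistencyGuid, falling back to objectGUID), compares it with the cloud user's OnPremisesImmutableId through Microsoft Graph PowerShell, and writes it only on an explicit -Apply. It assumes the ActiveDirectory RSAT module and Microsoft.Graph.Users are installed; the account names in the usage lines are placeholders.

```powershell
# Added example (not from the original page or the linked article): hard-match an
# on-premises AD user to an Azure AD user by setting the ImmutableID explicitly.
Import-Module ActiveDirectory
Import-Module Microsoft.Graph.Users

function Get-OnPremImmutableId {
    # Returns the base64 source anchor Azure AD Connect would write for this AD user.
    param([Parameter(Mandatory)][string]$SamAccountName)

    $u = Get-ADUser -Identity $SamAccountName -Properties objectGUID, 'mS-DS-ConsistencyGuid', userPrincipalName
    $consistencyGuid = $u.'mS-DS-ConsistencyGuid'          # byte[] when populated, $null otherwise

    # New installs anchor on mS-DS-ConsistencyGuid; it is empty until Connect has written it,
    # in which case objectGUID is what the existing ImmutableID was derived from.
    $bytes = if ($consistencyGuid) { [byte[]]$consistencyGuid } else { $u.ObjectGUID.ToByteArray() }

    [pscustomobject]@{
        UserPrincipalName = $u.UserPrincipalName
        ImmutableId       = [Convert]::ToBase64String($bytes)
        AnchorSource      = if ($consistencyGuid) { 'mS-DS-ConsistencyGuid' } else { 'objectGUID' }
    }
}

function Repair-ImmutableIdMatch {
    param(
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string]$CloudUpn,   # UPN of the Azure AD object that should own this AD user
        [switch]$Apply                             # without it the function only reports
    )

    $onprem = Get-OnPremImmutableId -SamAccountName $SamAccountName
    $cloud  = Get-MgUser -UserId $CloudUpn -Property Id, UserPrincipalName, OnPremisesImmutableId, OnPremisesSyncEnabled

    if ($cloud.OnPremisesImmutableId -eq $onprem.ImmutableId) {
        Write-Host "Already hard-matched: $CloudUpn -> $($onprem.ImmutableId) ($($onprem.AnchorSource))"
        return
    }
    Write-Host "Mismatch for $CloudUpn`n  cloud ImmutableId : '$($cloud.OnPremisesImmutableId)'`n  on-prem anchor    : '$($onprem.ImmutableId)' ($($onprem.AnchorSource))"

    if ($cloud.OnPremisesSyncEnabled) {
        # Graph refuses to rewrite the anchor of an object that is currently synced. Move the AD user
        # out of the synced scope, run a delta sync so the cloud object becomes cloud-only (restore it
        # from deleted users if needed), then run this function again.
        throw "$CloudUpn is still flagged as synced; OnPremisesImmutableId cannot be changed in place."
    }

    if (-not $Apply) {
        Write-Host 'Dry run only. Re-run with -Apply to write the ImmutableId.'
        return
    }

    Update-MgUser -UserId $cloud.Id -OnPremisesImmutableId $onprem.ImmutableId
    Write-Host "Set OnPremisesImmutableId on $CloudUpn. Move the AD user back into scope and run Start-ADSyncSyncCycle -PolicyType Delta to link the objects."
}

# Usage (placeholder names):
# Connect-MgGraph -Scopes 'User.ReadWrite.All'
# Repair-ImmutableIdMatch -SamAccountName 'jdoe' -CloudUpn 'jdoe@contoso.com'          # report only
# Repair-ImmutableIdMatch -SamAccountName 'jdoe' -CloudUpn 'jdoe@contoso.com' -Apply   # write the anchor
```

Writing the anchor deliberately, rather than clearing it and hoping a soft match on UPN picks the right object, is the point: a soft match will happily bind to whichever cloud object carries that UPN or SMTP address, including a stale duplicate, whereas the hard match binds exactly the two objects you compared.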