Azure AD Connect help

I recently upgraded to the latest build of Azure AD connect. I had to do it manually because we have an extra attribute syncing for multi-geo on o365.

During the upgrade process a few links were helpful so I’m posting them here so I can reference them for later.

Azure AD Connect sync: Scheduler

To see your current configuration settings, go to PowerShell and run Get-ADSyncScheduler.

If you need to manually run a cycle, then from PowerShell run Start-ADSyncSyncCycle -PolicyType Delta.

 

Azure AD Connect: Design concepts

By default, Azure AD Connect (version 1.1.486.0 and older) uses objectGUID as the sourceAnchor attribute. ObjectGUID is system-generated. You cannot specify its value when creating on-premises AD objects. As explained in section sourceAnchor, there are scenarios where you need to specify the sourceAnchor value. If the scenarios are applicable to you, you must use a configurable AD attribute (for example, msDS-ConsistencyGuid) as the sourceAnchor attribute.

Azure AD Connect (version 1.1.524.0 and after) now facilitates the use of msDS-ConsistencyGuid as sourceAnchor attribute. When using this feature, Azure AD Connect automatically configures the synchronization rules to:

  1. Use msDS-ConsistencyGuid as the sourceAnchor attribute for User objects. ObjectGUID is used for other object types.
  2. For any given on-premises AD User object whose msDS-ConsistencyGuid attribute isn’t populated, Azure AD Connect writes its objectGUID value back to the msDS-ConsistencyGuid attribute in on-premises Active Directory. After the msDS-ConsistencyGuid attribute is populated, Azure AD Connect then exports the object to Azure AD.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.