Duplicating your production AAD Connect sync rules on your staging server using the AAD Connect Helper Module

Once upon a time, migrating your AAD Connect primary sync server configuration to your staging server was a simple matter of using the Get-ADSyncServerConfiguration and Set-ADSyncServerConfiguration cmdlets provided as part of the ADSync module. However, in the most recent versions of AAD Connect (v 1.1.751 and later) the Get-ADSyncServerConfiguration cmdlet still works, however the Set-ADSyncServerConfiguration…

0

Using RegEx with AAD Connect (and GBL)

Somewhat recently, Microsoft released the Azure AD Premium Group-Based-Licensing (aka GBL) feature in Public Preview, and I’ve had a TON of my customers transition to using this new feature. https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-group-advanced So far everyone has been thrilled with GBL, however there’s a caveat…  UsageLocation If you previously used GraphAPI or PowerShell to assign licenses, there’s a…

0

Testing AAD Connect Write-Back permissions on an OU

When installing and configuring AAD Connect with Exchange Hybrid and any of the other special features (Group Writeback, Password Writeback, Device Writeback), it’s necessary to delegate service account permissions in Active Directory to allow the features to work properly. Those permissions apply to features like : Exchange Hybrid Write-back, Password Write-back, Group Write-Back, Device Write-Back and…

0

Throttling AAD Connect exports

Occasionally, it is necessary to throttle the number of exports you are writing back to a connected data source – either AD or Azure. Perhaps you’re doing your first sync to the cloud but aren’t overly excited about pushing the CloudLegacyExchangeDN (in the form of an x500) address back to the Proxy Addresses of 250,000…

0

AAD Connect Upgrade error – Microsoft.Online.Deployment.PowerShell.PowerShell InvocationException: An error occurred while executing the ‘Get-MsolUser’ command

An interesting issue occurred tonight during the upgrade of AAD Connect from 1.1.380 to the latest version.  Of course, time was of the essence, so an error immediately after the Credential prompt caused quite a bit of angst, and seemed impossible to work around. Unfortunately searching thru the install log under the C:\Program Data\AADConnect directory…

0

AAD Connect Event IDs

This is by no means a complete list, but it should get you started monitoring your AAD Connect Server…   Informational Events   AAD Connect Engine 904 – Scheduler related informational events There are a good number of 904 Informational events related to Scheduler starting, Scheduler settings changing, Purging AAD Connect Operations Run history, scheduler…

0

Dealing with AAD Connect, GalSync and Hybrid writeback to Contacts

I recently had a customer ask why they’re constantly seeing writeback to contact objects in the GalSync container, which seem to come and go without rhyme or reason.  Well, there’s definitely a reason, and it has to do with the way that AAD Connect does writeback of the CloudLegacyExchangeDN from Exchange Online… Enabling Exchange hybrid…

0

DN value in AAD Sync AAD Connect – the NEW format

DirSync \ FIM used to use the Immutable ID value in the Azure connector space, making it somewhat straightforward to search for objects in the Azure CS using the ImmutableID (either copied from MSOL powershell or from the onprem AD ObjectGUID value converted to a Base64 string), however in AAD Sync and AAD Connect the…

4