With the release of Azure AD Connect for synchronizing on-premises Active Directory to Azure Active Directory, existing deployments of Azure AD Sync can consider performing an in-place upgrade of their AAD Sync server to AAD Connect.

Azure AD Connect can be downloaded from Microsoft here. When you have downloaded the installation file to your directory synchronization server, launch it to begin the upgrade. Setup will detect the existing install of AAD Sync. Agree to the license terms and click Continue.

Synchronization will be stopped during the upgrade. This isn’t harmful to existing objects that have been synchronized, but you should be aware that no changes or new objects will synchronize during the upgrade.

Enter your admin credentials that will be used to connect to your Azure Active Directory instance.

Choose whether or not to start synchronization immediately after configuration is completed. If you have post-upgrade configuration changes to make, you may prefer to untick this option.

When configuration is complete you’ll see a useful tip for syncing Windows 10 domain joined computers to Azure AD as registered devices. This is an interesting feature but not directly relevant to an Exchange Online scenario so I won’t go into it here.

After the upgrade is complete you’ll see an Azure AD Connect icon on the server’s desktop that opens a dialog from which you can perform a few admin tasks.

The applications menu/list on the server also contains other utilities such as the Synchronization Rules Editor, Synchronization Service, and the Azure AD PowerShell module, which you may already be familiar with if you’ve been administering directory synchronization servers in the past.

In my experience so far the upgrade from AAD Sync to AAD Connect is trouble-free and preserves all of the filtering and customizations that I have in place.
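
As an added example (not from the original article), this PowerShell check confirms the scheduler state after the upgrade, which matters if you unticked the option to start synchronization immediately. It assumes an Azure AD Connect build that includes the built-in scheduler and its ADSync cmdlets (1.1 or later) and an elevated session on the sync server; the function name `Confirm-SyncAfterUpgrade` is hypothetical.

```powershell
# Added example: verify that scheduled synchronization is active after the upgrade.
# Assumption: Azure AD Connect 1.1 or later, run elevated on the sync server.
Import-Module ADSync -ErrorAction Stop

function Confirm-SyncAfterUpgrade {
    # Hypothetical helper name. Returns $true when the scheduler will export changes.
    param(
        # Re-enable the scheduler and start a delta cycle once post-upgrade changes are done.
        [switch]$EnableAndSync
    )

    $scheduler = Get-ADSyncScheduler
    $problems  = @()

    if (-not $scheduler.SyncCycleEnabled) {
        $problems += 'Scheduled sync cycles are disabled (sync was not started after configuration).'
    }
    if ($scheduler.StagingModeEnabled) {
        $problems += 'Server is in staging mode: it imports and synchronizes but exports nothing.'
    }
    if ($scheduler.SchedulerSuspended) {
        $problems += 'Scheduler is suspended, typically because the wizard is still open.'
    }

    foreach ($p in $problems) { Write-Warning $p }

    if ($EnableAndSync -and -not $scheduler.StagingModeEnabled) {
        if (-not $scheduler.SyncCycleEnabled) {
            Set-ADSyncScheduler -SyncCycleEnabled $true
        }
        # Do not queue a cycle on top of one that is already running.
        if (-not (Get-ADSyncScheduler).SyncCycleInProgress) {
            Start-ADSyncSyncCycle -PolicyType Delta | Out-Null
        }
        return $true
    }

    return ($problems.Count -eq 0)
}

# Report only; add -EnableAndSync when post-upgrade changes are finished.
Confirm-SyncAfterUpgrade
Get-ADSyncScheduler |
    Format-List SyncCycleEnabled, StagingModeEnabled, NextSyncCyclePolicyType, NextSyncCycleStartTimeInUTC
```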

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. Farid

    I have a SMS 2011 server with 30 users (2GB quota + Archives) on Exchange 2010 and have no PF or shared folders to migrate. I want to move all my users to the cloud and decommission Exchange. However, each user has 2 UPNs.
    I have two choices from what I see:
    1-Do an express Hybrid config wizard in staging mode. Move all mailboxes. Cut over to O365 after testing mail flow.
    https://support.office.com/en-us/article/cutover-migration-to-office-365-9496e93c-1e59-41a8-9bb3-6e8df0cd81b4

    2-I was actually thinking of doing a PST migration, which seems to be the easier way, but now I see it actually is the lengthier solution, having to do all user creation on O365, assigning licenses, modifying 2 domains' records, matching UPNs, etc.
    So naturally I want to go with the option one. Any pros or cons to this? Any feedback or suggestion is appreciated.

  2. Sean

    Hi Paul

    An irritating feature with the new AADConnect is that it will sync users whose UPN has not been changed to a routable domain and add them to Office 365 with a .onmicrosoft.com address.
    Before it just left them alone and it was an easy way to sync up the users you wanted.

    Do you know the Sync Rule that can be used to put this back in place?
    Microsoft have an outbound rule that will only sync mail domain and UPN if they match the end of a specific UPN you provide. This does not work if you have users with different mail domains, and providing just the UPN rule does not work.

    Thanks again
    Sean

    1. Sean

      I got an inbound rule working to achieve this.

  3. Sandro Alves

    Hello,

    If I have a working environment with dirsync and SSO (ADFS) and just upgrade, will all settings be maintained?

    I will not need to enter Azure AD Connect and configuration settings from my ADFS?

    Note: I did run the upgrade process for Dirsync and everything remained. Regarding ADFS, as no use, I need to know if the need to set up something after dirsync upgrade process already performed.

    Thank you.

  4. Brian Wing

    After upgrading from DirSync we aren’t able to use a script we had built to manually run a sync. It used to call DirectorySyncClientCmd.exe Delta.

    What is the comparable command with the new update?
    Thanks
    Brian

    1. Anonymous

      Start-ADSyncSyncCycle -PolicyType Delta

  5. topsycombs

    Very helpful indeed. Is it possible to use the Azure AD Connect’s synchronization rules to join objects that are present across 3 different AD forests? So, each AD object appears as in a resource, account forest, and a 3rd object is synched via FIM to a third forest for GAL population.

  6. Turbomcp

    Thanks
