I have been having difficulties with the Azure AD Connect. Initially it was configured with mS-DS-ConsistencyGuid as the anchor, and then we were running into duplicate accounts, e.g. johnsmith3422 at onmicrosoft.com. There are two out of the five accounts that are still listed as "Azure Active Directory" rather than "Microsoft AD". The UPN of the users on the local AD side is the same as their UPN and email address on Azure, the DNS resolver in pfSense, transparent mode, so no DNS issues. The Active Directory schema was updated to support mS-DS-ConsistencyGuid, but none of the accounts have any value for this schema entry.
The sync issue is presently with two accounts, I ran a PowerShell script to remove the extraneous accounts at Azure's end, but still two accounts showing as syncing from Azure rather than local AD. Password writeback was enabled as well.
If you would have time after-hours, this would be ideal, as they have staff that are working at the office and from home during all kinds of hours. For all I know, it could be working fine, I removed the Azure AD Connect, rebooted, and ensured that mS-DS-ConsistencyGuid was the anchor. Part of the project would be to spend 20 minutes or so with me and get me up to speed with this (onerous) process.
5 freelancere byder i gennemsnit $119 timen for dette job
Hi, Greetings. Certified cloud solutions architect and Linux expert. Experienced in the project described in detail for Azure AD and sync. Lets discuss over chat. Many Thanks.