AD migration question

dirkdigs 921 Reputation points
2021-10-13T16:10:10.817+00:00

Hello, we have 1 existing domain (+ 1 domain trust) and 1 Office 365 tenant.

There is NO directory sync. I repeat, there is NO Azure AD Connect.

I am proposing to build a NEW Active Directory domain and migrate ALL the users / servers / workstations into the NEW domain using ADMT.

Will it be possible to set up DirSync after the migration is completed?


3 answers

  1. Amit Singh 4,846 Reputation points
    2021-10-21T06:46:27.62+00:00

    Once the Cutover migration is complete, you can undoubtedly enable AAD Connect. To avoid duplicate user creation, ensure that the on-premises and cloud accounts "match" before turning it on. There are two ways:

    1. Soft-match, based on the primary SMTP address: http://support.microsoft.com/kb/2641663
    2. Hard-match, based on objectID: http://blogs.technet.com/b/praveenkumar/archive/2014/04/12/how-to-do-hard-match-in-dirsync.aspx

    The Cutover process provisions accounts based on the mail/WindowsEmailAddress attribute, so make sure those will match.
    1 person found this answer helpful.
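A pre-flight check for the soft-match and hard-match rules described in the answer above, as an added example (not code from the answer or from Microsoft). The sample users, the property names `Sam` and `Upn`, and the assumption that the hard-match anchor is the Base64 of the on-premises objectGUID are constructed for illustration.

```powershell
# Constructed sample data, not real accounts. On a live system the on-premises list
# would come from Get-ADUser -Filter * -Properties mail, and the cloud list from an
# export that includes ProxyAddresses and OnPremisesImmutableId.
$onPrem = @(
    [pscustomobject]@{ Sam = 'alice'; Mail = 'Alice@contoso.example'; ObjectGuid = [guid]'11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ Sam = 'bob';   Mail = 'bob@contoso.example';   ObjectGuid = [guid]'22222222-2222-2222-2222-222222222222' }
    [pscustomobject]@{ Sam = 'carol'; Mail = $null;                   ObjectGuid = [guid]'33333333-3333-3333-3333-333333333333' }
)
$cloud = @(
    [pscustomobject]@{ Upn = 'alice@contoso.example';  OnPremisesImmutableId = $null
                       ProxyAddresses = @('SMTP:alice@contoso.example', 'smtp:a.old@contoso.example') }
    [pscustomobject]@{ Upn = 'robert@contoso.example'; OnPremisesImmutableId = $null
                       ProxyAddresses = @('SMTP:robert@contoso.example', 'smtp:bob@contoso.example') }
)

function Get-PrimarySmtp {
    param([string[]]$ProxyAddresses)
    # The primary address is the entry with the upper-case "SMTP:" prefix.
    $primary = $ProxyAddresses | Where-Object { $_ -clike 'SMTP:*' } | Select-Object -First 1
    if ($primary) { $primary.Substring(5).ToLowerInvariant() }
}

function Get-MatchPlan {
    param([object[]]$OnPremUsers, [object[]]$CloudUsers)
    foreach ($u in $OnPremUsers) {
        $hit = $null
        # Assumption: anchor = Base64(objectGUID); Base64 is case-sensitive, hence -ceq.
        $anchor = [Convert]::ToBase64String($u.ObjectGuid.ToByteArray())
        $hard = @($CloudUsers | Where-Object { $_.OnPremisesImmutableId -ceq $anchor })
        $soft = @()
        if ($u.Mail) {
            $mail = $u.Mail.ToLowerInvariant()
            # Only cloud objects that carry no anchor yet are soft-match candidates.
            $soft = @($CloudUsers | Where-Object {
                -not $_.OnPremisesImmutableId -and (Get-PrimarySmtp $_.ProxyAddresses) -eq $mail })
        }
        if     ($hard.Count -eq 1) { $result = 'HardMatch'; $hit = $hard[0] }
        elseif (-not $u.Mail)      { $result = 'NoMail (new cloud object would be created)' }
        elseif ($soft.Count -eq 1) { $result = 'SoftMatch'; $hit = $soft[0] }
        elseif ($soft.Count -gt 1) { $result = 'Ambiguous (several cloud objects share the address)' }
        else                       { $result = 'NoMatch (duplicate risk)' }
        [pscustomobject]@{ Sam = $u.Sam; Result = $result; CloudUpn = $hit.Upn; Anchor = $anchor }
    }
}

Get-MatchPlan -OnPremUsers $onPrem -CloudUsers $cloud | Format-Table Sam, Result, CloudUpn
```

In the sample, `bob` is reported as a duplicate risk because his on-premises mail value only appears as a secondary alias on the cloud account, and `carol` has no mail attribute to match on.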

  2. Clément BETACORNE 2,031 Reputation points
    2021-10-14T09:35:11.273+00:00

    Hello,

    You will be able to install Azure AD Connect after your migration, no issue because you currently don't have one.
    Can you confirm that accounts in the cloud are cloud-only via aad.portal.com?


  3. Limitless Technology 39,396 Reputation points
    2021-10-15T09:28:13.567+00:00

    Hello @dirkdigs ,

    Thank you for your question.

    Office 365 will not allow a cutover migration on tenants who already have directory syncs in place.

    When using transition migration, Office 365 would enumerate all on-premises mailboxes and create equivalent ones in Exchange online (this step is called “provisioning”).

    Once the migration is complete, you can perform a full sync to "connect" your users to the on-premises AD, matching user attributes and passwords.

    I generally recommend:

    1. Start the transfer migration batch.
    2. Install and configure AD Connect - DO NOT initiate synchronization and make sure to disable the scheduled task.
       (This would allow for quick synchronization once the migration is complete)
    3. Complete the migration.
    4. Run a full sync and enable the scheduled task to sync deltas at a predefined interval.

    See the articles below for other useful information:

    https://answers.microsoft.com/en-us/msoffice/forum/all/ad-connect-dirsync-after-cutover-migration/cc3fe96a-7e86-493e-bcd1-58d4079596ef

    https://social.technet.microsoft.com/Forums/lync/en-US/36ab1a5b-31ca-4f54-8848-361ff84d5e47/using-dir-sync-after-cut-over-migration?forum=onlineservicesmigrationandcoexistence
