Hello,
I want to migrate my Azure AD Connect from 2012R2 to 2019.
I followed different steps:
Export JSON configuration from my 2012R2
Modify AD service account (msolxxxxxxx) password
Update connector update for this account (and it's working)
Export configuration with Get-ADSyncServerConfiguration -Path "<CompletePathToOutputFolder>"
I installed a new 2019 server and Azure AD Connect, importing the JSON file with nothing checked (I use local SQL and I want the assistant to create my sync service account).
I use the AD service account when asked and I validate the assistant with staging mode.
Then I use Get-ADSyncServerConfiguration -Path "<CompletePathToOutputFolder>" on the new server and the script here to compare: https://github.com/Microsoft/AADConnectConfigDocumenter/wiki
It shows me I have some differences and I don't know what to think about them:
On the source only:
Microsoft.GroupWriteBack.Container
Microsoft.GroupWriteBack.Forest
On the destination only:
attribute msDS-KeyCredentialLink
and conditions/rules
msDS-KeyCredentialLink + Out to AD - Device STKKey + Out to AD - User NGCKey
My Azure AD Connect on the 2012R2 has been upgraded several times. On the 2019 it's a from-scratch installation.
What do I need to do? Can I fail over to my 2019 and remove my 2012R2, or do I need to remove the rules on the destination first?