question

ShawnG-9080 avatar image
0 Votes"
ShawnG-9080 asked ·

Azure AD synce with On premise AD

So here's the scenario i'm having. i installed the azure AD connect tool on my on prem DC. everything worked great except one item. I just did the default express install and of course that included my whole OU of the company. which in turned imported every user on that domain. I then followed these steps to correct my issue. customized it selected only OU's we want to sync to Azure AD from our on prem domain.

https://aidanfinn.com/?p=21171

I have forced replication in the azure AD sync tool via powershell, waited for almost 4 hours and users are still in azure AD that arent in the selected OU's we had selected. how do i got about getting those users out of azure AD that aren't in the OU's we only want synced from on premi AD. Thanks as always for any help.

azure-ad-connect
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

2 Answers

csuttorp avatar image
0 Votes"
csuttorp answered ·

Have you forced a full or delta sync from on prem to aad after your custom configuration of aad connect? After a full sync you could remove the aad object with the powershell cmdlets mentioned in your link, I think.

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ShawnG-9080 avatar image
0 Votes"
ShawnG-9080 answered ·

This is now resolved. Csuttirp you def had one part which helped right full sync

so heres what i had to do from this article https://www.reddit.com/r/Office365/comments/b9ousl/removed_a_ou_from_ad_sync_how_long_till_the_users/

steps since i had over 500 objects had disable this threshold Disable-ADSyncExportDeletionThreshold

then ran full sync Start-AdSyncSyncCycle -PolicyType Initial

and everything synced up correctly..

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.