Fixing problems with directory synchronization for Office 365
With directory synchronization, you can continue to manage users and groups on-premises and synchronize additions, deletions, and changes to the cloud. But setup is a little complicated and it can sometimes be difficult to identify the source of problems. We have resources to help you identify potential issues and fix them.
How do I know if something is wrong?
The first indication that something is wrong is when the DirSync Status tile in the Microsoft 365 admin center indicates there is a problem.
You will also receive a mail (to the alternate email and to your admin email) from Office 365 that indicates your tenant has encountered directory synchronization errors. For details see Identify directory synchronization errors in Office 365.
How do I get Azure Active Directory Connect tool?
In the Microsoft 365 admin center, navigate to Users > Active users. Click the More menu (three dots) and select Directory synchronization.
Follow the instructions in the wizard to download Azure AD Connect.
If you are still using Azure Active Directory Sync (DirSync), take a look at How to troubleshoot Azure Active Directory Sync Tool installation and Configuration Wizard error messages in Office 365 for information about the system requirements to install dirsync, the permissions you need, and how to troubleshoot common errors.
To update from Azure Active Directory Sync to Azure AD Connect, see the upgrade instructions.
Resolving common causes of problems with directory synchronization in Office 365
Synchronized objects aren't appearing or updating online, or I'm getting synchronization error reports from the Service.
I have an alert in the admin center, or am receiving automated emails that there hasn't been a recent synchronization event
- Troubleshoot connectivity issues with Azure AD Connect
- Azure AD Connect Accounts and permissions
- Azure AD Connect sync: How to manage the Azure AD service account
- Directory synchronization to Azure Active Directory stops or you're warned that sync hasn't registered in more than a day
Password hashes aren't synchronizing, or I'm seeing an alert in the admin center that there hasn't been a recent password hash synchronization
I'm seeing an alert that Object quota exceeded
- We have a built-in object quota to help protect the service. If you have too many objects in your directory that need to sync to Office 365, you'll have to Contact support for business products to increase your quota.
I need to know which attributes are synchronized
- You can find a list of all the attributes that are synced between on-premises and the cloud right here.
I can't manage or remove objects that were synchronized to the cloud
- Are you ready to manage objects in the cloud only? Or is there an object that was deleted on-premises, but is stuck in the cloud? Take a look at this Troubleshooting Errors during synchronization and support article for guidance on how to resolve these issues.
I got an error message that my company has exceeded the number of objects that can be synchronized
- You can read more about this issue here.
IDFix tool is used to perform discovery and remediation of identity objects and their attributes in an on-premises Active Directory environment in preparation for migration to Office 365. IDFix is intended for the Active Directory administrators responsible for directory synchronization with the Office 365 service.
Download the IDFix tool from the Microsoft download center.