Office 365 synchronization problems
Hi,
I am getting some error email reports for my ad and office 365 synchronization.
Would like some help pls.
We only use Lync server. Exchange is local.
This are the events:
Unable to update this object, as the following attributes associated with the object have values ¿¿that may already be linked to another object in directory services locations: ProxyAddresses SMTP:user@contoso.com.br,s
Fix or remove duplicate values ¿¿in the local directory.
See http://support.microsoft.com/kb/2647098 for more information on how to identify objects with attribute values ¿¿duplicated.
AND
Please contact technical support to solve the dual WindowsLiveNetId within this user . It is not possible to update this object, as the following attributes associated with the object have values ¿¿that may already be linked to another object in directory services locations: UserPrincipalName user2@office365dominio.onm
Fix or remove duplicate values ¿¿in the local directory. See http://support.microsoft.com/kb/2647098 for more information on how to identify objects with attribute values ¿¿duplicated.
One thing I noticed is that there´s a lot of objects that should not be synchronizing. How to filter this and how do I resolve the above issues?
Thx!
I am getting some error email reports for my ad and office 365 synchronization.
Would like some help pls.
We only use Lync server. Exchange is local.
This are the events:
Unable to update this object, as the following attributes associated with the object have values ¿¿that may already be linked to another object in directory services locations: ProxyAddresses SMTP:user@contoso.com.br,s
Fix or remove duplicate values ¿¿in the local directory.
See http://support.microsoft.com/kb/2647098 for more information on how to identify objects with attribute values ¿¿duplicated.
AND
Please contact technical support to solve the dual WindowsLiveNetId within this user . It is not possible to update this object, as the following attributes associated with the object have values ¿¿that may already be linked to another object in directory services locations: UserPrincipalName user2@office365dominio.onm
Fix or remove duplicate values ¿¿in the local directory. See http://support.microsoft.com/kb/2647098 for more information on how to identify objects with attribute values ¿¿duplicated.
One thing I noticed is that there´s a lot of objects that should not be synchronizing. How to filter this and how do I resolve the above issues?
Thx!
ASKER
hi,
Thx for help.
I already visited this link. I didnt find any duplicate attribute...
And now?
Thx for help.
I already visited this link. I didnt find any duplicate attribute...
And now?
we couldnt see the duplicate atrribute either its hidden somewhere within powershell, if you delete the user whos having an issue and recreate them after about 30 minutes to an hour it will flush this data out.
ASKER
But i erase on my local AD or on Office 365?
you need to erase from office 365 because the underlying power shell duplicates are located in powershell sessions within the office 365 datacenter.
ASKER
If I delete a user on office 365, it will be deleted on my local active directory too?
no, since theres no active directory up at office 365 it wont delete the local account. if you delete the local AD account then it will delete the 365 account because of dirsync.
ASKER
Ok,
Could you pls guide me how to delete this users?
Could you pls guide me how to delete this users?
Hi DELAGIO,
Please run the office 365 deployment readiness tool (http://community.office365.com/en-us/forums/183/p/2285/8155.aspx)
The tool will help you to analyze your current environment. You do not need any special permissions to run the tool, make sure that you run the tool from a domain joined machine.
Regarding you second question, when Directory Synchronization is used, then any identity management must happen from your onpremise Active Directory including tasks such as user creation, password change, user deletion etc.
Please run the office 365 deployment readiness tool (http://community.office365.com/en-us/forums/183/p/2285/8155.aspx)
The tool will help you to analyze your current environment. You do not need any special permissions to run the tool, make sure that you run the tool from a domain joined machine.
Regarding you second question, when Directory Synchronization is used, then any identity management must happen from your onpremise Active Directory including tasks such as user creation, password change, user deletion etc.
ASKER
No solution so far...
Hi DELAGIO,
Did you try my suggestion? office 365 deployment readiness tool (http://community.office365.com/en-us/forums/183/p/2285/8155.aspx)
Did you try my suggestion? office 365 deployment readiness tool (http://community.office365.com/en-us/forums/183/p/2285/8155.aspx)
ASKER
Here what i discovered:
All users with synchronization problems are from the same department.
Investigating I discovered that an organizational unit was deleted some time ago, and the users inside were alredy present on office 365.
After the deletion those user were recreated anb re-synchronized on office365 and THAT is my problem... AD is trying to synchronize the same name with different sid´s.
Got the point?
How we fix it?
All users with synchronization problems are from the same department.
Investigating I discovered that an organizational unit was deleted some time ago, and the users inside were alredy present on office 365.
After the deletion those user were recreated anb re-synchronized on office365 and THAT is my problem... AD is trying to synchronize the same name with different sid´s.
Got the point?
How we fix it?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, just a few questions:
This process will delete the office 365 users and re-create it? is that it?
This process will delete the office 365 users and re-create it? is that it?
Yes correct, you remove the federated user from your office 365 tenant with step 1-3 and re-create with step 4.
ASKER
Hi,
This part: "Get-MsolUser -all –ReturnDeletedUsers |Remove-MsolUser –RemoveFromRecycleBin" is not working.
It do not recognize all part after the pipe.
This part: "Get-MsolUser -all –ReturnDeletedUsers |Remove-MsolUser –RemoveFromRecycleBin" is not working.
It do not recognize all part after the pipe.
ASKER
Found the problem!! My azure active directory powershell module was out of date, uninstalled and installed a up to date one and everything worked fine!
Going to wait till tomorrow and see if the synchronization issues were solved!
Going to wait till tomorrow and see if the synchronization issues were solved!
Sure :)
ASKER
Hi,
SMTP problems are solved!!
Now we need to solve the second problem!
Any suggestion?
SMTP problems are solved!!
Now we need to solve the second problem!
Any suggestion?
Can't you just look into your Active Directory and find the attributes?
ASKER
Sorry but i did not understand.
What i have to do?
What i have to do?
ASKER
OK
http://support.microsoft.com/kb/2647098