Hello MS team,
I just opened the same case with the ADFS team, and they said this is an AD issue between DC and AAD
In order to summarize the issue, whenever an account is enabled for O365 sometimes is never showed up in the O365 management console.
From what I understood on the initial assessment, the account was enabled by the name of jdoe@domainA.com email address for O365, and like I mentioned earlier, was never showed up in the o365 Management console.
Later on, the System Administrator found that the 0365 account used for sync is jdoemscloud@domainA.micros
of.com. As per client “the password is definitely wrong on the DirSync server”
After further investigation, the network team has indicated that this could be a ADFS issue, however they also recommended to implement multicast for the Windows network load balancer [as per linkhttp://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006558
Initial thoughts pointed to check the multicast setup on the upstream switch, static ARP entry.
What could be happen here that passwords and users are not synchronizing here?
Can you please send your thoughts regarding the ADFS troubleshooting steps and recommendation to fix this issue? Please provide step-by-step instructions.
Can you please provide your input regarding the Windows network load balancer option?
Is the article explained on link above accurate to isolate the network side of things? Could this be root cause of issue?
Please see environment below:
Exchange servers in an internal network with IP address 10.x.x.x
ADFS servers in a DMZ doing NAT with a Public IP address 4.x.x.x
Exchange is using another new IP public for the exchange server itself. I meant, is not going to NAT to the WNLB ADFS IP, it's going to NAT to the new Exchange server IP.
Your feedback is highly appreciated