Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!
Re-installing ad sync after a hybrid deployement
I would like to know if it is possible to setup ad sync after an exchange hybrid installation. This is the scenario.
I have an office 365 account that was in a hybrid scenario but now is cloud only. Exchange server is decommissioned.
I have experience setting up ad sync after a cut over migration using a method similar to the one shown here:
https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_dep365/ad-connect-dirsync-after-cutover-migration/cc3fe96a-7e86-493e-bcd1-58d4079596ef
I can find lots of articles that tell of the problems in decommissioning the last exchange server and keeping ad sync, but none which say you can't stop ad sync and re set it up from scratch. Obviously im not going to just try it. But would like to know if anyone can shed any light what is preventing it.
Its very frustrating to me I cannot keep password sync after implementing the best form of migration.
I have an office 365 account that was in a hybrid scenario but now is cloud only. Exchange server is decommissioned.
I have experience setting up ad sync after a cut over migration using a method similar to the one shown here:
https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_dep365/ad-connect-dirsync-after-cutover-migration/cc3fe96a-7e86-493e-bcd1-58d4079596ef
I can find lots of articles that tell of the problems in decommissioning the last exchange server and keeping ad sync, but none which say you can't stop ad sync and re set it up from scratch. Obviously im not going to just try it. But would like to know if anyone can shed any light what is preventing it.
Its very frustrating to me I cannot keep password sync after implementing the best form of migration.
Asked:
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Ad Connect was Implemented as part of the Hybrid, After the migration I removed it and also disabled sync in the cloud.
My concern is that maybe something of the hybrid is leftover in AD attributes which may cause it problems.
My concern is that maybe something of the hybrid is leftover in AD attributes which may cause it problems.
Oh ok. You should be able to reinstall AD connect with no issues and start resyncing objects again. I would test on a single OU first, maybe put your account and a couple other users and make sure password syncs fine also. After that you can move everyone else, but there should be no issues.
you can definitely install AD sync without any issues since all accounts are in cloud, you need to ensure that which AD attribute you will use as UPN, if its previously there, you must be knowing that which attribute you have synced as primary (Ex: UPN) so that account can soft matched with cloud one. once its soft matched, you have accounts synced with onpremsie AD
Only thing once all your accounts become AD synced, do not move them outside sync OU with onpremise active directory, else they will get deleted
The fact that you should keep one exchange onpremise, it is for account management purposes, so that account management will be carried out from onpremsie exchange to avoid duplicate proxy addresses issues
If you already decommissioned exchange from onpremise, you won't be able to convert accounts into mail enabled users which will get synced to cloud as mail enabled users, this scenario is typically used during migration, since your migration is already done and you don't want to keep any mailboxes onpremise, you don't need mail enabled users anymore
Hence, moving ahead, you can simply create users with onpremsie AD with matching cloud UPN attribute such as onpremsie user UPN and sync them with cloud
Only thing once all your accounts become AD synced, do not move them outside sync OU with onpremise active directory, else they will get deleted
The fact that you should keep one exchange onpremise, it is for account management purposes, so that account management will be carried out from onpremsie exchange to avoid duplicate proxy addresses issues
If you already decommissioned exchange from onpremise, you won't be able to convert accounts into mail enabled users which will get synced to cloud as mail enabled users, this scenario is typically used during migration, since your migration is already done and you don't want to keep any mailboxes onpremise, you don't need mail enabled users anymore
Hence, moving ahead, you can simply create users with onpremsie AD with matching cloud UPN attribute such as onpremsie user UPN and sync them with cloud
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
Also just read that the setup is not supported by Microsoft without at least one exchange server.
I think thats were all the warnings come from.
Even though it is easy enough to change SMTP address's etc with Advanced attributes in AD
I think thats were all the warnings come from.
Even though it is easy enough to change SMTP address's etc with Advanced attributes in AD
Please keep the question to a single issue because it get confusing at a point.
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
If you performed a hybrid migration its not recommended to uninstall AD connect and the keep at least one exchange server. This is for management purposes or else you will need to manage certain aspects of the user via ADSIedit which can be a pain.
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
If you performed a hybrid migration its not recommended to uninstall AD connect and the keep at least one exchange server. This is for management purposes or else you will need to manage certain aspects of the user via ADSIedit which can be a pain.
u can keep both exchange and AD connect?
u can even uninstall exchange, but its recommended to keep it for user management and Microsodft does provide you hybrid key license as part of o365 license scheme
u can even uninstall exchange, but its recommended to keep it for user management and Microsodft does provide you hybrid key license as part of o365 license scheme
Keeping an exchange server on site is a pain, using advanced attributes in AD is a minor inconvenience, but thank you both for your help. Ill stay supported and leave it be.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
You could not have performed an exchange hybrid migration if AD Connect wasn't first implemented prior to the migration, so are you sure that you performed a hybrid migration, curios is you perform a cut over migration or actual hybrid migration.