Re-installing ad sync after a hybrid deployement
I would like to know if it is possible to setup ad sync after an exchange hybrid installation. This is the scenario.
I have an office 365 account that was in a hybrid scenario but now is cloud only. Exchange server is decommissioned.
I have experience setting up ad sync after a cut over migration using a method similar to the one shown here:
https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_dep365/ad-connect-dirsync-after-cutover-migration/cc3fe96a-7e86-493e-bcd1-58d4079596ef
I can find lots of articles that tell of the problems in decommissioning the last exchange server and keeping ad sync, but none which say you can't stop ad sync and re set it up from scratch. Obviously im not going to just try it. But would like to know if anyone can shed any light what is preventing it.
Its very frustrating to me I cannot keep password sync after implementing the best form of migration.
I have an office 365 account that was in a hybrid scenario but now is cloud only. Exchange server is decommissioned.
I have experience setting up ad sync after a cut over migration using a method similar to the one shown here:
https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_dep365/ad-connect-dirsync-after-cutover-migration/cc3fe96a-7e86-493e-bcd1-58d4079596ef
I can find lots of articles that tell of the problems in decommissioning the last exchange server and keeping ad sync, but none which say you can't stop ad sync and re set it up from scratch. Obviously im not going to just try it. But would like to know if anyone can shed any light what is preventing it.
Its very frustrating to me I cannot keep password sync after implementing the best form of migration.
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Yes you can setup AD Connect again if you removed it. There should be no issues since it just syncs user objects and passwords if you choose from your on-prem AD to O365. There should be no issues with that being re-setup.
You could not have performed an exchange hybrid migration if AD Connect wasn't first implemented prior to the migration, so are you sure that you performed a hybrid migration, curios is you perform a cut over migration or actual hybrid migration.
You could not have performed an exchange hybrid migration if AD Connect wasn't first implemented prior to the migration, so are you sure that you performed a hybrid migration, curios is you perform a cut over migration or actual hybrid migration.
Ad Connect was Implemented as part of the Hybrid, After the migration I removed it and also disabled sync in the cloud.
My concern is that maybe something of the hybrid is leftover in AD attributes which may cause it problems.
My concern is that maybe something of the hybrid is leftover in AD attributes which may cause it problems.
Oh ok. You should be able to reinstall AD connect with no issues and start resyncing objects again. I would test on a single OU first, maybe put your account and a couple other users and make sure password syncs fine also. After that you can move everyone else, but there should be no issues.
you can definitely install AD sync without any issues since all accounts are in cloud, you need to ensure that which AD attribute you will use as UPN, if its previously there, you must be knowing that which attribute you have synced as primary (Ex: UPN) so that account can soft matched with cloud one. once its soft matched, you have accounts synced with onpremsie AD
Only thing once all your accounts become AD synced, do not move them outside sync OU with onpremise active directory, else they will get deleted
The fact that you should keep one exchange onpremise, it is for account management purposes, so that account management will be carried out from onpremsie exchange to avoid duplicate proxy addresses issues
If you already decommissioned exchange from onpremise, you won't be able to convert accounts into mail enabled users which will get synced to cloud as mail enabled users, this scenario is typically used during migration, since your migration is already done and you don't want to keep any mailboxes onpremise, you don't need mail enabled users anymore
Hence, moving ahead, you can simply create users with onpremsie AD with matching cloud UPN attribute such as onpremsie user UPN and sync them with cloud
Only thing once all your accounts become AD synced, do not move them outside sync OU with onpremise active directory, else they will get deleted
The fact that you should keep one exchange onpremise, it is for account management purposes, so that account management will be carried out from onpremsie exchange to avoid duplicate proxy addresses issues
If you already decommissioned exchange from onpremise, you won't be able to convert accounts into mail enabled users which will get synced to cloud as mail enabled users, this scenario is typically used during migration, since your migration is already done and you don't want to keep any mailboxes onpremise, you don't need mail enabled users anymore
Hence, moving ahead, you can simply create users with onpremsie AD with matching cloud UPN attribute such as onpremsie user UPN and sync them with cloud
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
Also just read that the setup is not supported by Microsoft without at least one exchange server.
I think thats were all the warnings come from.
Even though it is easy enough to change SMTP address's etc with Advanced attributes in AD
I think thats were all the warnings come from.
Even though it is easy enough to change SMTP address's etc with Advanced attributes in AD
Please keep the question to a single issue because it get confusing at a point.
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
If you performed a hybrid migration its not recommended to uninstall AD connect and the keep at least one exchange server. This is for management purposes or else you will need to manage certain aspects of the user via ADSIedit which can be a pain.
Is there any need for me to uninstall AD connect in these scenarios?
Could i just reconfigure AD connect not to be in hybrid mode and uninstall exchange?
If you performed a hybrid migration its not recommended to uninstall AD connect and the keep at least one exchange server. This is for management purposes or else you will need to manage certain aspects of the user via ADSIedit which can be a pain.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial