If you've already set up directory synchronization, the user's UPN for Microsoft 365 may not match the user's AD DS UPN that's defined in your AD DS. This can occur when a user was assigned a license before the domain was verified. To fix this, use PowerShell to fix duplicate UPN to update the user's UPN to ensure that the Microsoft 365 UPN matches the corporate user name and domain. If you're updating the UPN in the AD DS and would like it to synchronize with the Azure Active Directory identity, you need to remove the user's license in Microsoft 365 prior to making the changes in AD DS.
On the other hand, your on-premises AD does contribute to your Office 365 tenant in several ways. First, the whole point of AAD Connect is to copy accounts from your on-premises AD into Azure AD. If those source accounts are poorly configured, then you will have poorly configured Azure AD accounts. It is worthwhile to ensure that all the information in your on-premises AD accounts is correct and complete. Phone numbers, managers, direct reports, office locations, and other information does get copied into Azure AD and may be relevant to how you use Office 365 services. Your cloud migration project is always a good time to complete that work that always seems to fall down the priority list without this sort of migration project.
Your cloud migration success will very likely be affected by the health of your on-premises Active Directory, and possibly in ways you will not initially expect. My personal experience has taught me to be very careful with a review of the on-premises Active Directory before attempting to start any cloud migration.
Remove the .local associations and run the test again. These will be repopulated with virtually the same data aside from that .local address when you sync it with Office 365. As well since you're going from Exchange to Gsuite and back to Exchange be warned you may have some leftover garbage in your AD that will need to be cleaned up, especially if the folks that migrated it originally did it lazily.
The utility is straightforward to use. The Undo feature is also great if breaking changes are introduced using the tool.Subscribe to 4sysops newsletter!Overall, IdFix helps make synchronizing your on-premises Active Directory with Azure Active Directory much smoother, as it helps to find issues beforehand and correct them ahead of time.
Thank you in advance for your help and everything you are doing it. We appreciate all your suggestions .In few words if I want to rename the Active Directory to another name , should I first uninstall the sync tool , rename the AD (we want to get rid off .local name) and then after rename to reinstall the sync tool right The problem is not just a server name but all the forest will be changed. And the main affected will be the users that we actually have. And after it resync can we have all the users as before with the new AD Qualified domain name , or will be duplicated so with old AD name users and new AD name users
Hi Adam , first of all thank you for this helpful page. I have an important question. We want to rename the Domain Controller and of course this will affect even the sync of the users at the DC related to Office 365. If we change the name and then resync with Azure tool , will we have all the users again to the office 365 What is your suggestions regarding this case Tank you in advance
After IdFix completes the query, you can synchronize your directory if there are no errors. If there are errors in your directory, it is recommended that you fix them before you synchronize. See prepare directory attributes for synchronization with Microsoft 365 for more information. 153554b96e