Forum Discussion

BGC Admin's avatar
BGC Admin
Copper Contributor
Oct 19, 2018

Having Soft Match Problem with Azure AD Connect

Hey guys,

 

I'm really stuck so I'm reaching out for a little help.

 

I am trying to setup Azure AD connect on my AD and O 365 environment, but am having a huge problem. I have existing accounts on office365 and want to match them with AD accounts. I have researched "Soft Matches" and attempted to match the UPN and ProxyAddress or Email to no luck. I just get Dirsync errors saying I have duplicated userprincipale name and duplicate proxy addresses. Isn't the whole point of soft matching is that they should be the same?

 

I made sure EnableSoftMatchOnUpn was enabled.

 

Thanks! 

  • Hi! Yes adconnect should do a soft match in this case! Do the smtp addresses and UPN addresses really match exactly?
    Do all users who exist in cloud fail to match from on-premises??
    Have any users been sync before?
    Have you checked so there is not any mail aliases that conflicting?
    Checked the info in the synchronization manager or event viewer for more information?
    Please read this also:
    https://support.microsoft.com/en-us/help/2647098/duplicate-or-invalid-attributes-prevent-directory-synchronization-in-o

    If for some reason it doesn’t work you could do a hard match instead on the immutableID but this must be populated
    There are lot of documentation about this

    Cheers adam
    • BGC Admin's avatar
      BGC Admin
      Copper Contributor

      Hey Adam,

       

      Thanks for the quick reply. 

       

      The STMP and UPN's are exactly the same. I'm only testing this feature with one account at the moment before I take it organization wide. I deleted all the aliases from the profile while troubleshooting. I checked the event viewer but did not see any events. I deleted my office365 account and ran a sync again and it created a new one and worked correctly, but I already have an organization with established office365 accounts and data and would hate to have to delete all of them just to have to transfer over the data. 

       

      I checked the article you sent, and it suggests that I try soft matching which I'm not able to get working. I will try hard matching though, I read you have to manually convert the GUID though so it seems troublesome for an entire organization to be synced. 

      • Please try to sync another account instead! Either create one on each side or try an existing one Which lives on both sides
  • Hi!
    Yes adconnect should do a soft match in this case!
    Do the smtp addresses and UPN addresses really match exactly?
    Do all users who exist in cloud fail to match from on-premises??
    Have any users been sync before?
    Have you checked so there is not any mail aliases that conflicting?
    Checked the info in the synchronization manager or event viewer for more information?

    Please read this also:
    https://support.microsoft.com/en-us/help/2647098/duplicate-or-invalid-attributes-prevent-directory-synchronization-in-o

    If for some reason it doesn’t work you could do a hard match instead on the immutableID but this must be populated
    There are lot of documentation about this

    Cheers adam

Resources