Forum Discussion
Can't get AD sync to Azure going
I want to sync my local AD to Azure. I'm trying to install dirsync on my Server 2012 box, which is a secondary domain controller; some web pages say that's not good.
I've found lots of web pages telling me how to do that. None of the procedures they list work, usually because the button/link I'm supposed to click doesn't exist.
When I try downloading and installing dirsync I get the enclosed error. Of course there is no Identity synchronization page. Under Users | Active Users | More | Directory Synchronization there is a popup but no Activate button. My only choice is to run the dirsync readiness wizard.
In both Chrome and IE the readiness wizard displays "Wait a moment while we get everything ready..." forever. The current iteration has been running for 2.5 hours in IE.
Do I have to do this on a server that is not a domain controller? The only one I have lying around is a Server 2003 VM that's running some legacy ASP. I'd rather not have to buy a new license just for this purpose!
Hi Jon,
Today I have experience the same issue.
What you have to do is enable Directory Syncronization by Powershell.
Connect to Azure AD and then execute the following:
To Enable Directory Sync
Set-MsolDirSyncEnabled -EnableDirSync $true
To Verify Directory Sync state
(Get-MsolCompanyInformation).DirectorySynchronizationEnabledAfter this you now can install AD Connect as C_the_S said.
As Dean_Gross said It always recomended to install on a Separate Machine.
Wel, I can't even connect to Ofice 365 with Powershell any more. Now I get:
PS C:\Users\<redacted>\Documents\WindowsPowerShell> Import-Module msonline Import-Module : The specified module 'msonline' was not loaded because no valid module file was found in any module directory. At line:1 char:1 + Import-Module msonline + ~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ResourceUnavailable: (msonline:String) [Import-Module], FileNotFoundException + FullyQualifiedErrorId : Modules_ModuleNotFound,Microsoft.PowerShell.Commands.ImportModuleCommandSo all I have to do is to grab that module, right! Hah!
Google search takes me to https://www.powershellgallery.com. From the front page I learn that I need the PowerShellGet module. There's lots of versions depending on which PowerShell version I have. So another Google search tells me how to find my version which is 4. So I have to install the PackageManagement PowerShell Modules Preview - March 2016 using the msi installer. I do so. But it doesn't load automatically, Find-Module is undefined. So how do I load a module? https://msdn.microsoft.com/en-us/library/dd878284(v=vs.85).aspx tells me "Beginning in Windows PowerShell 3.0, modules are imported automatically when any cmdlet or function in the module is used in a command." Sure they are. The same page tells me that "get-command find-module" should work. It doesn't. Howzabout Import-Module. Whoopsie, I can't find the name of the PackageManagement module anywhere, including C:\Windows\System32\WindowsPowerShell\v1.0\Modules.
Oops, I missed that I should install the latest Nugent module with powershell Install-PackageProvider Nuget –Force Exit. Which, of course, fails for an undefined term.
Finally I Google up https://technet.microsoft.com/en-us/library/dn975125.aspx which leads me to Microsoft Online Services Sign-in Assistant for IT Professionals RTW and Azure Active Directory Connection. Opening the latter I was able to turn on sync per Nuno's message.
There's 1.5 hours I'll never get back.
I've been running AAD Connect on our DC without incident. You can restart the service without restarting the server. I got yelled at for doing so at first but at 9 months without an incident I think it is safe to say it works fine. Our environment has around 400 users / a quarter of which are synced so we aren't incredibly large.
While you can do this on a DC, that approach could cause an issue if you need to troubleshoot your sync and have to restart the machine. This is why putting AAD connect on another server is recommended if you need to ensure high availability of your DCs.
You need to be using Azure Active Directory Connect, not DirSync.
https://www.microsoft.com/en-us/download/details.aspx?id=47594
Sorry, I should have said that I do not have an Azure account, just an Office 365 account.
But Azure AD Connect fails, see screenshot.
According to Control Panel | Programs and Features dirsync is not installed. But a couple of Azure AD thingies are installed, I'll uninstall them and see what happens then.
Hi Jon,
You have to Uninstall the Dirsync and install AD Connect.
