Jan 11 2021 09:12 AM
I have a client with on-premises Exchange 2013. I set up Azure AD Connect to sync passwords only (password hash synchronization) for a selected group we created in local AD. This works well and everything syncs with no problem. Now we want to start syncing all our users and not just that group. Has anyone done this? Are there any things to look out for?
Jan 12 2021 09:18 AM
Hi, you need to be aware of this:
Microsoft doesn't support modifying or operating Azure AD Connect sync outside of the actions that are formally documented. Any of these actions might result in an inconsistent or unsupported state of Azure AD Connect sync. As a result, Microsoft can't provide technical support for such deployments.
and that:
It means you cannot repeat this process.
What you need to do is use so you can sync only regular users (it's not a good idea to sync privileged admins):
Reference: Azure AD Connect sync: Configure filtering | Microsoft Docs