Hello, everybody, I have a phenomenon with the AD-Connect synchronization, where I'm standing something on the hose. Example scenario: You have several OUs in your Active Directory, which in turn paid for several security groups (SG). The OUs including their content (security groups & their members are synchronized error-free via the existing AD-Connect server). Now you want to implement a new AD-Connect server via the staging mode. As soon as it performs the synchronization, the OUs and SGs are synchronized, but all user objects are deleted from the security groups in the Azure AD. The OUs and SGs themselves are still present in the AAD. If the synchronization is switched back to the old AD-Connect server, all (including user objects) are stored in the AAD. Basis for the conversion is the following article: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server Can any of you explain this to me?
@Deleted Sounds like the users are not synchronized correctly. What's the sourceAnchor configured on the old Azure AD Connect server? Is it objectGuid or ms-DS-ConsistencyGuid?
On the new server it's probably ms-DS-ConsistencyGuid since it's default right now so you might want to change it on the old server before, so you have the same sourceAnchor on both servers before moving the synchronization.