Mar 09 2023 07:10 AM - edited Mar 10 2023 09:05 AM
I've joined a new machine to my on prem AD and run an Azure AD Connect delta sync but the computer is still not showing in Azure AD (30 mins later). We run a sync every 30 mins anyway, so I'm just wondering why the machine didn't sync during the delta.
I ran the Azure AD Connect diagnostics and it essentially told me everything I knew: Machine is in on prem AD, Azure AD Connect knows about it in its database, but it couldn't find it in Azure AD.
Can somebody please enlighten me? And ideally let me know how I can get new AD computers to appear in Azure AD faster?
Does the AD machine need to have had a user logon to it before Azure AD Connect will sync it? This machine has just popped out the end of an SCCM OSDeploy task sequence so no real users have ever logged onto it.
The reason for this is that we require devices to be Hybrid joined to access most of our 365 services, and they can't get hybrid joined if they're not synced to Azure AD in the first place ;)
Thanks in advance.
Mar 20 2023 03:19 AM
There could be a few reasons why the newly joined computer object is not showing up in Azure AD after running a delta sync. Here are some steps you can take to troubleshoot the issue and get the computer object to appear in Azure AD faster:
1. Verify that the computer object is synchronized to Azure AD Connect. You can check this by running the following command on the server running Azure AD Connect:
   Replace <GUID> with the GUID of the computer object that you want to check. This command will confirm if the computer object is synchronized with Azure AD Connect.
2. Check the synchronization logs for any errors or warnings related to the computer object synchronization. The logs are located in the following directory: C:\ProgramData\AADConnect\SyncEngine\SyncRulesEditor\SyncService\UIShell\SyncCycleLogs.
3. Ensure that the computer object has the required attributes populated in on-premises AD. Specifically, the msDS-Device object attribute should be set to TRUE for hybrid Azure AD join to work correctly.
4. Check if the computer object has been added to any exclusion rules in Azure AD Connect. If the object is excluded, it won't be synchronized to Azure AD.
5. Verify that the computer object has a valid DNS entry and that the DNS server used by the computer is the same as the one used by Azure AD Connect.
6. Ensure that the computer has an internet connection and can communicate with Azure AD.
7. Finally, you can try forcing a full synchronization instead of a delta sync to see if the computer object appears in Azure AD. You can do this by running the following command on the server running Azure AD Connect:
   This will perform a full synchronization of all objects from on-premises AD to Azure AD.
By following these steps, you should be able to troubleshoot the issue and get the newly joined computer object to appear in Azure AD faster.
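The triage above can be run as one script on the Azure AD Connect server. This is an added example, not code from the thread or from Microsoft; it assumes the ADSync and ActiveDirectory PowerShell modules are present, and the computer name and connector name are placeholders you replace.

```powershell
# Added example (not from the thread): triage one newly joined computer object on the
# Azure AD Connect server. Assumes the ADSync and ActiveDirectory modules are installed
# and that you replace the two placeholders below.
Import-Module ADSync
Import-Module ActiveDirectory

$ComputerName  = "<COMPUTER-NAME>"   # placeholder: sAMAccountName without the trailing $
$ConnectorName = "<AD-CONNECTOR>"    # placeholder: on-prem AD connector name (see Get-ADSyncConnector)

# 1. On-prem AD view. The default "In from AD - Computer Join" rule scopes computer objects
#    on userCertificate being populated, which happens only after the device has run automatic
#    device registration; a machine fresh out of an OSD task sequence usually has not. Confirm
#    the scoping filter on your own server with Get-ADSyncRule before relying on this.
$ad = Get-ADComputer -Identity $ComputerName -Properties operatingSystem, operatingSystemVersion, userCertificate, whenCreated
[pscustomobject]@{
    DN          = $ad.DistinguishedName
    OS          = "$($ad.operatingSystem) $($ad.operatingSystemVersion)"
    HasUserCert = ($ad.userCertificate.Count -gt 0)
    Created     = $ad.whenCreated
} | Format-List

# 2. Connector-space view: was the object imported, and did it join/project into the metaverse?
$cs = Get-ADSyncCSObject -ConnectorName $ConnectorName -DistinguishedName $ad.DistinguishedName -ErrorAction SilentlyContinue
if (-not $cs) {
    "Not in the AD connector space: object is outside OU/domain filtering, or no import has run since it was created."
} elseif (-not $cs.IsConnector) {
    "Imported but not joined to the metaverse: a sync-rule scoping filter (see step 1) excludes it."
} else {
    "Joined to the metaverse: check the Azure AD connector for a pending or failed export."
}

# 3. Scheduler state: a delta cycle cannot start while another is running or the scheduler is off.
$sched = Get-ADSyncScheduler
$sched | Select-Object SyncCycleEnabled, SyncCycleInProgress, NextSyncCycleStartTimeInUTC, AllowedSyncCycleInterval

# 4. Trigger a delta cycle only when nothing is in progress; a full cycle is rarely needed for one new object.
if ($sched.SyncCycleEnabled -and -not $sched.SyncCycleInProgress) {
    Start-ADSyncSyncCycle -PolicyType Delta
}
```

If step 2 reports "imported but not joined", re-running delta syncs will not help until the object falls inside the rule's scope, so check the attribute the scoping filter keys on before forcing a full sync.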