Forum Discussion
Azure AD Connect is not synchronizing Computer objects
- Aug 05, 2019
I resolved it by configuring proxy-exceptions 🙂
The reason for not synchronizing the computer-objects was that the computers were not able to contact Azure AD connection-points, which is necessary to change attributes (usercertificate) so that Azure AD Connect will synchronize it to AAD.
Never previously needed to sync computer objects, but now I do.
And while all look OK, they simply do NOT sync at all
I need the sync, so I can configure https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-manual
As previous poster, any more info about it?
Seb
That was painful to understand!
It seems that Azure AD Connect does NOT willy-nilly sync computer objects from local AD, unless the machine has the usercertificate attribute, as per the best description https://albertneef.wordpress.com/2019/01/15/how-does-a-hybrid-azure-ad-join-work/ or https://oofhours.com/2020/05/23/digging-into-hybrid-azure-ad-join/
That in turn requires Hybrid-join https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains in Azure AD Connect
Because I needed a single Computer object to be Hybrid, I simply did a Controlled join as per https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-control with a GPO assigned to a single OU where the computer resides in AD
Of course the computer object was already AD joined (as it was an existing computer), so I just did a dirty AD re-join to the NETBIOS name (just take out the bits after the first dot)
That created usercertificate attribute and on next sync it is synced & shows:
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : YES
DomainName : MYDOMAIN
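
The check the posts above arrive at (a computer object is only picked up by Azure AD Connect once it carries a usercertificate value) can be run against an OU before waiting for the next sync cycle. This is an added example, not code from the thread; it assumes the ActiveDirectory RSAT module is installed, and the function name and the OU distinguished name are placeholders.

```powershell
# Added example, not from the thread. Reports which computer objects in an OU
# already have userCertificate populated and which do not.
Import-Module ActiveDirectory

function Get-ComputerSyncReadiness {
    param(
        [Parameter(Mandatory)][string]$SearchBase   # OU to inspect (placeholder value below)
    )

    # Objects that already carry userCertificate: the precondition the thread
    # identifies for Azure AD Connect to synchronize a computer object.
    $ready = Get-ADComputer -LDAPFilter '(userCertificate=*)' -SearchBase $SearchBase `
                            -Properties userCertificate, whenChanged

    # Objects without the attribute: the device has not written it yet.
    $notReady = Get-ADComputer -LDAPFilter '(!(userCertificate=*))' -SearchBase $SearchBase `
                               -Properties whenChanged

    foreach ($c in $ready) {
        foreach ($raw in $c.userCertificate) {
            # Each value is a DER-encoded certificate; decode it to show what was written.
            try {
                $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$raw)
                $subject = $cert.Subject
                $notBefore = $cert.NotBefore
            } catch {
                $subject = '<unparseable value>'
                $notBefore = $null
            }
            [pscustomobject]@{
                Name = $c.Name; HasUserCertificate = $true
                CertSubject = $subject; CertNotBefore = $notBefore; WhenChanged = $c.whenChanged
            }
        }
    }
    foreach ($c in $notReady) {
        [pscustomobject]@{
            Name = $c.Name; HasUserCertificate = $false
            CertSubject = $null; CertNotBefore = $null; WhenChanged = $c.whenChanged
        }
    }
}

# Placeholder OU: replace with the OU the hybrid-join GPO is linked to.
Get-ComputerSyncReadiness -SearchBase 'OU=HybridPilot,DC=example,DC=com' |
    Sort-Object HasUserCertificate, Name |
    Format-Table Name, HasUserCertificate, CertSubject, CertNotBefore, WhenChanged -AutoSize
```

Rows with HasUserCertificate set to False are the machines to look at on the client side, for example with `dsregcmd /status` as in the output above.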