Changing AAD after domain migration


Looking for some guidance on reconfiguring our Azure AD Connect tool.

Some background:

We recently underwent a domain migration where we moved from older 2012 AD boxes to newer 2019 boxes.

Internally our domain has changed from an .edu domain to a .local domain, however externally everything remains the same.

We’ve migrated all our users and groups using ADMT, and their attributes did NOT change; they retain the same samaccountname, UPNs, email addresses, mS-DS-ConsistencyGuid, etc.

If I try to reinstall the AAD tool using the exported settings it pulls the old .edu domain as that is what it’s set to sync, when we’d like it to pull from our .local AD servers now instead.

When I run through the Customize Sync Options wizard I can add the .local forest to the connected directories option (if I use the /skipLDAP command), and it allows me to go through the wizard with no issue.

Before I continue with this process, I figured I’d see if I could get some questions answered:

  1. Our anchor is mS-DS-ConsistencyGuid, and the values are the same on both domains, so if I go ahead and connect the .local forest, will it still create a new account, or will it simply make the connection with the current 365 account/mailbox? (Mailboxes/Exchange are in 365; we do not use on-prem Exchange.)

  2. Would it be easier to just completely uninstall the Azure AD tool and re-install it without importing the exported settings? The only reason I’m hesitant to do this is because I’m not 100% sure what settings are configured, other than what is shown to me on the View or Export Config settings page.

