SOLVED

Sync lost between AD and Office 365 for some users

Copper Contributor

Hi everyone,

We have been using Office 365, synced with our AD for a while and everything was working well, untill I move a few users from their OU to a new one.

Then those users ended up being deleted on Office 365. I found them in "deleted users" (not sure of the title in English, we are on a French version).
I then restored those users and I had to set a new password for each of them.

The problem is those few users are no longer synced with our AD.

The other users are still displayed as "synchronized with AD", as they all have always been, but those few users are now displayed as "In the Cloud".
They obviously still exist in our AD and they are also back as Office 365 users (with their mailbox and so on), but their two accounts are no longer synced with each other.
They also were removed from distribution groups (which are synced with our AD as well) on Office 365 and I cannot put them back in those groups, because of the sync issue.
Would you have any idea to fix this?
Thank you very much in advance for your help

10 Replies

Hi Didier,

 

Have you changed the scope of synchronization or any parameter of the users ? 

Hi Nuno,

 

Do you mean with the filters, where one can set which OU can be synced with Azure AD Connect?
I heard about those filters and I then added the new OU so it can be synced as well.

Was that what you wanted to know?

Hi Didier,

 

Yes, if you get the user out of scope (OU's synchronized) the user will be deleted on Office 365.

 

After you change the OU of the user to a OU that is synchronized the Office 365 will softmatch that user to be a synchronized user.

that's what I thought would happen if I added the new OU, but it didn't.

The new OU is now part of the synchronized OU, but the softmatching didn't happen.

Maybe I should try moving back the users in their former OU, to see what happens?

best response confirmed by Didier Simon (Copper Contributor)
Solution
how long have you waited? Usually when you add an OU or something you have to do a full sync, not just the typical delta sync. Reference this, the initial sync is required for a new OU. http://techgenix.com/azure-ad-connect-11-forcing-synchronization/

Hi Christopher,

 

The problem occured one week ago, but indeed, sinced then, only delta synchronizations have been done (automatically).

I'll take a look at the article you've given me and I'll try to follow the instructions.

I thank you so much for your help, I'll get back to you to tell you what happened.

Hi Didier,

 

Has @Deleted said you will need a Full Sync.

Christopher,

 

I've just forced (twice) a full sync. Once with the wizard, and as one never knows, I did it again with power shell. Both have finished with success.

Though when I look at my users in Office 365, they're still displayed as "In the Cloud". Do you think I have to wait some minutes before it's visible?

It worked!

 

Christopher, I thank you so much for your help! :)

 

I now see all of those users as synchronized with AD

 

Thank you as well, Nuno :)

 

Have a great day!

Yeah it takes some time as you've experienced :). Glad it worked!
1 best response

Accepted Solutions
best response confirmed by Didier Simon (Copper Contributor)
Solution
how long have you waited? Usually when you add an OU or something you have to do a full sync, not just the typical delta sync. Reference this, the initial sync is required for a new OU. http://techgenix.com/azure-ad-connect-11-forcing-synchronization/

View solution in original post