Jan 14 2021
- last edited on
Jan 14 2022
Currently the company I'm working with has been using GoDaddy to purchase and run their office 365 services, but with everything going on at the moment there has been a push to want to create an Azure AD to be able to sync passwords between the local AD and the GoDaddy accounts. Everything seemed strait forward, but I've ran into a brick wall when it comes to the sync process.
I'm having to go behind my coworker to try and figure out what he has done and what is working/not working to try and fix the Azure sync. A tenant has been created using a netorgft account and the GoDaddy domain shows up as being federated under the custom domain names. We've added the Godaddy UPN to the domain and changed over one account (my account) for testing on trying to get the sync working.
An example is that before we did the changes all accounts were email@example.com and now the test account is firstname.lastname@example.org . Also the email field in the local AD matches the email email of email@example.com that is found in the GoDaddy account.
From my understanding the AD sync should use soft matching to merge the current Godaddy email address with our on premise account as long as the UPN and emails match. I'm getting an error every time I try to sync stating an account can not be made due to the email field not being unique and causing a conflict with the GoDaddy account that is showing in the Azure portal. I'm able to get no sync errors when I remove the email address field from the on-premise, but then a new Azure user is created using joe and the netorgft domain that is the primary domain for the Azure tenant. I'm not able to set the GoDaddy domain to the primary with a generic error that says I'm unable to set it as primary.
I was wondering if someone would know if it is possible to sync passwords between on premise AD and GoDaddy office 365, and if so how would I be able to go about troubleshooting why the AD sync isn't merging the accounts?
Jan 15 2021 03:05 AMSolution
GoDaddy have their own flavor of O365/Azure AD, so the general guidance might not apply there - best work with their support.
Soft match only works when the immutableID is null, so check for that. And you can always try using "hard match", based on the objectID. But again, best check with their support.
Jan 15 2021 06:07 AM
Thanks for the direction, I've been a bit confused where to start as the last time I had a problem (Deleted my email through the Azure portal when trying to resolve the duplicate entries.) it was confusing where the problem was. In the end, I had to undelete my account through my company's Azure portal because on GoDaddy's side it said the account was stuck initializing.
Again, thank you for the answer.