Thank you for asking this question on the Microsoft Q&A Platform.
I understand that you have various users with synchronization errors, this can be for many reasons. I would recommend the following tasks: First, run the IdFix Tool
Microsoft is working to reduce the time required to remediate identity issues when onboarding to Microsoft 365. A portion of this effort is intended to address the time involved in remediating the Windows Server Active Directory (Windows Server AD) errors reported by the directory synchronization tools such as Azure AD Connect and Azure AD Connect cloud sync. The focus of IdFix is to enable you to accomplish this task in a simple, expedient fashion.
Second, in those cases where you can´t fix the synchronization users and still, you have duplicates user you would have to do a Hard Mach(InvalidSoftMatch)
When Azure AD Connect (sync engine) instructs Azure AD to add or update objects, Azure AD matches the incoming object by using the sourceAnchor attribute and matching it to the immutableId attribute of objects in Azure AD. This match is called a hard match.
To understand the Hard-match vs Soft-match can follow this link The followings links can help you to perform the hard match:
- https://learn.microsoft.com/en-us/answers/questions/878500/how-to-perform-azure-ad-connect-hard-match
- https://www.smikar.com/azure-ad-hard-match-user-accounts/ Hope this helps!
Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.