@Andy David - MVP
- We have tested the latest version on a test server and noticed all the groups syncing correctly. However, we want to test this on our production and please advise how do we set up ad connect on a new server and configure it to sync only a specific OU that has users and groups.
Do we migrate to a new server?
Or uninstall the current ad connect and install-configure it on the new server.
Most importantly we do not want any changes in the Azure AD, the users already in there must not be affected.
- On the current AD Connect we noticed under AD Connect configuration
Domain and OU Filtering - 2 OUs "Groups" & "Pulse_Users" under the OU "User Accounts" are selected.
The OU "Pulse_Users" has a security group named "PulseG"
Next - Filter users and devices: current selection is "Synchronize Selected" & the entry is as below "CN=PulseG,OU=Pulse_Users,OU=User Accounts,DC=cn,DC=contoso,DC=com"
and hence only the members of this group is being synced. The group is not synced and ONLY the members.
Do I need to modify this entry or what happens if we select "Synchronize all users and devices"
Do we need to change any settings in the below window.
- Current AD users and M365 users have 2 different passwords. How can we enable sso for users to have the same password for the domain computer login & M365 account? the M365 has mfa enabled.