How to fix Azure Active Directory?

George Adrian 0 Reputation points
2024-01-10T19:57:01.4433333+00:00

A client had their server stop working. The information was not recoverable and there was no backup. So a new server was purchased and they set up a new domain. All of the assets (about 15) were removed from the old domain and joined to the new domain (same name). They set up new IDs for the users and had them log into the domain. The previous setup was a hybrid setup, which is what the customer wanted. So now they have everything set up; however, things are not syncing between on-premises and AAD. I assume this is because of a mismatch on the user IDs, and all of the old assets are in the Devices tab in AAD. The previous server was set up to sync between AD and AAD; however, that is now lost. So is there a way to fix this? I understand that the sync is not working because the user ID will have a different SID than the new ones. Is there a way to delete everything in Azure and start over? However, that is also a problem, as email is attached to that. Really lost as to how I can help here.


1 answer

  1. Thameur-BOURBITA 35,596 Reputation points
    2024-01-10T23:14:49.63+00:00

    Hi @George Adrian

    You have to deploy or configure an Entra Connect server to sync the new domain to Entra ID.

    Regarding the match between the AD account and the Entra ID (Azure) account, there are two methods. Soft match, based on mail and UPN: if you keep the same UPN or mail, soft match can relink the new AD account to the old Entra ID account. Hard match, based on the ms-DS-ConsistencyGuid attribute in AD and the Immutable attribute in Entra ID. I invite you to read this article for more details: Microsoft Entra Connect: When you have an existing tenant

    If both methods are not working or are complicated to implement, you can delete all user accounts in Entra ID and let the Entra Connect server or Cloud Sync sync all user accounts in the new domain by creating new accounts in Entra ID. But in this case users risk losing access to their data in Azure.


    ---Please don't forget to accept helpful answer
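The soft-match and hard-match keys named in the answer above, as an added example that is not part of the original thread or of any Microsoft tooling: it compares new-domain accounts with existing cloud accounts and shows which GUID a hard match would need. It assumes ms-DS-ConsistencyGuid is the configured source anchor; the function names, users and GUIDs are constructed for illustration, and real input would come from exports of the tenant and the new domain.

```powershell
# Added example. All users and GUIDs below are constructed sample data.
function ConvertTo-ImmutableId([guid]$Guid) {
    # ImmutableId is the Base64 form of the source anchor's 16 raw bytes.
    [Convert]::ToBase64String($Guid.ToByteArray())
}

function ConvertFrom-ImmutableId([string]$ImmutableId) {
    # Reverse direction: the GUID a new AD account would need as its anchor.
    [guid]::new([byte[]][Convert]::FromBase64String($ImmutableId))
}

function Get-MatchPlan($AdUsers, $CloudUsers) {
    foreach ($ad in $AdUsers) {
        $anchor = ConvertTo-ImmutableId $ad.ObjectGuid
        # Soft-match keys: same UPN or same mail address (case-insensitive).
        $cloud = $CloudUsers | Where-Object {
            $_.Upn -eq $ad.Upn -or ($ad.Mail -and $_.Mail -eq $ad.Mail)
        } | Select-Object -First 1
        $needed = $null
        if (-not $cloud) {
            $state = 'No cloud account with this UPN/mail; sync would create one'
        } elseif (-not $cloud.ImmutableId) {
            $state = 'Cloud anchor empty; UPN/mail soft match can apply'
        } elseif ($cloud.ImmutableId -ceq $anchor) {   # Base64 is case-sensitive
            $state = 'Anchors already equal (hard match)'
        } else {
            $state = 'Cloud account carries a different anchor'
            $needed = ConvertFrom-ImmutableId $cloud.ImmutableId
        }
        [pscustomobject]@{ Upn = $ad.Upn; State = $state; GuidForHardMatch = $needed }
    }
}

# Old-domain GUIDs survive only as ImmutableId values on the cloud accounts.
$cloudUsers = @(
    [pscustomobject]@{ Upn = 'alice@contoso.example'; Mail = 'alice@contoso.example'
        ImmutableId = (ConvertTo-ImmutableId '11111111-2222-3333-4444-555555555555') }
    [pscustomobject]@{ Upn = 'bob@contoso.example'; Mail = 'bob@contoso.example'; ImmutableId = $null }
)
$adUsers = @(
    [pscustomobject]@{ Upn = 'alice@contoso.example'; Mail = 'alice@contoso.example'
        ObjectGuid = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee' }
    [pscustomobject]@{ Upn = 'bob@contoso.example'; Mail = 'bob@contoso.example'
        ObjectGuid = [guid]'bbbbbbbb-cccc-dddd-eeee-ffffffffffff' }
    [pscustomobject]@{ Upn = 'carol@contoso.example'; Mail = $null
        ObjectGuid = [guid]'cccccccc-dddd-eeee-ffff-000000000000' }
)
Get-MatchPlan $adUsers $cloudUsers | Format-Table -AutoSize
```

With this sample data, alice is reported with the old anchor's GUID, bob as a soft-match candidate, and carol as having no cloud counterpart.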
