Entra Connect cloudsync (entra ID -> AD sync)

User 40 Reputation points
2024-05-21T16:26:52.3566667+00:00

Dear,

I am trying to do cloud syncronization from Entra ID to Active Directory via entra website. However this is not working. In the opposite direction it does (AD -> entra ID). Does anyone have any idea how I can solve this?

I can press the “create” button but as soon as it loads I get an error message.

Title error message: “Configuring Cloud Synchronization”.

The error message I get when it failed is: “An unexpected error has occurred. Please refresh the data and try again.”

Does anyone have a solution for this?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,094 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,184 questions
{count} votes

Accepted answer
  1. Marcin Policht 16,335 Reputation points MVP
    2024-05-23T15:20:14.73+00:00

    This is not supported directly by Entra ID Sync. You'd need to create that user manually and leverage the soft match capability. Follow https://www.alitajran.com/sync-azure-ad-user/


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Marcin Policht 16,335 Reputation points MVP
    2024-05-22T02:43:42.4033333+00:00

    To implement group write-back with Cloud Sync, follow https://learn.microsoft.com/en-us/entra/identity/hybrid/group-writeback-cloud-sync


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin


  2. Sandeep G-MSFT 15,341 Reputation points Microsoft Employee
    2024-06-06T16:05:09.81+00:00

    @User

    AD connect is always one way sync for objects (users, groups, contacts and devices). AD connect syncs objects from on-prem to Azure AD.

    AD connect doesn't writeback user from Azure AD to on-premises AD. The user writeback preview feature was removed in the August 2015 update to Azure AD Connect.

    This is also documented in our public document https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-preview#user-writeback

    Currently we do not have this feature. However, this might be one of our upcoming features in AD connect.

    About your question you had regarding users created directly in Entra ID, you will have to create similar users in on-premises with same UPN and Proxy address.

    Once users are created in on-premises AD, you can trigger sync and this will do a soft match for account in on-premises and Entra ID.

    Let us know if you have any further questions.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments