Share via

Multiple OUs Not Syncing to Entra Despite Azure AD Connect Configuration

Anonymous
2024-09-11T18:30:15+00:00

We have Azure AD Connect configured to sync specific OUs to Entra, but the majority of these OUs are not being synced as expected. While a few OUs are syncing properly, most of them, which primarily contain computer objects (e.g., "(Site) Display Computers"), are not being recreated in Entra.

I’ve already used IDFix to check for objects with synchronization issues, but none of the affected OUs are flagged with errors. Additionally, I have gone through the Azure AD Connect troubleshooter for the specific OUs that aren’t syncing, but it hasn't provided any actionable results.

Is there something I might be overlooking?

Windows Server Identity and access Active Directory

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments
Accepted answer
  1. Anonymous
    2024-09-12T06:41:51+00:00

    Hi Carter Wright1,

    Thank you for posting in the Microsoft Community Forums.

    1. Check OU filter settings

    First, make sure that the OU filter settings in Azure AD Connect are correct. In the Azure AD Connect Configuration Wizard, you can set which OUs should be synchronized. Check that these settings actually include the OUs that you want to synchronize, especially those that contain computer objects.

    1. Verify the synchronization rules

    Azure AD Connect uses synchronization rules to determine which objects should be synchronized from the source directory (e.g. Active Directory) to the target directory (e.g. Azure AD/Microsoft Entra). Check the synchronization rules to ensure that they do not exclude OUs that contain computer objects, which you can view and modify in the Synchronization Rules Editor in Azure AD Connect.

    1. Check network connectivity and permissions

    Ensure that the Azure AD Connect server has access to all relevant Active Directory domain controllers and has sufficient permissions to read and synchronize all necessary OUs and objects. Network issues or insufficient permissions can cause synchronization to fail.

    1. Viewing Synchronization Logs

    Azure AD Connect provides detailed synchronization logs that can help you diagnose problems that occur during synchronization. Review these logs, especially those log entries related to unsynchronized OUs. The logs may contain detailed information about why these OUs were not synchronized.

    1. Rerunning the Synchronization Cycle

    Sometimes a simple re-run of the synchronization cycle can resolve synchronization issues. You can start a full or incremental synchronization cycle in the Actions tab of Azure AD Connect.

    Best regards

    Neuvi

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest