Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2017-06-28) Azure AD Connect Wizard Chooses To Sync All Instead Of Already Selected OUs/Domains

Posted by Jorge on 2017-06-28


After upgrading to the latest version of AAD Connect, at the time of writing that was v1.1.553.0 as described here, I ran the AAD Connect wizard to enable an option that I wanted to try.

While going through the wizard I noticed that the wizard by default chose the option “Sync All Domains An OUs” instead of the option “Sync Selected Domains And OUs”. In my opinion it should have selected the last option as THAT was what I had configured previously including the selected domains and OUs.

image

Figure 1: AAD Connect Wizard Selecting The Option “Sync All Domains And OUs”

So, how do you solve this? Just reselect the option “Sync Selected Domains And OUs” and all your previous selected domains and OUs that you selected previously are reselected again

image

Figure 2: Fixing The Default Selection Of The AAD Connect Wizard With The Selection Of The Option “Sync Selected Domains And OUs”

Prior to version v1.1.524.0 you had to use the Synchronization Service Manager if you did not want to have OUs in the root of the domain to be automatically selected for sync. With v1.1.524.0 and later you can also use the AAD Connect wizard to not have OUs in the root of the domain to be automatically selected. This corresponds to the following issue fixed in v1.1.524.0:

To configure OU filtering, you can either use the Azure AD Connect wizard or the Synchronization Service Manager. Previously, if you use the Azure AD Connect wizard to configure OU filtering, new OUs created afterwards are included for directory synchronization. If you do not want new OUs to be included, you must configure OU filtering using the Synchronization Service Manager. Now, you can achieve the same behavior using Azure AD Connect wizard.

So if with the introduction with version v1.1.524.0 you also unselected the domains as shown below and now you run the wizard and see the domains being selected again, you will need to fix this yourself. The fix is quite easy. Do not selected any of the domains, just expand and re-collapse each of the domains. You will see the checkmark will disappear

image

Figure 3: Fixing The Default Selection Of The AAD Connect Wizard Of Each AD Domain Being Checked With The Unchecking Of Each AD Domain

Cheers,
Jorge

————————————————————————————————————————————————————-
This posting is provided "AS IS" with no warranties and confers no rights!
Always evaluate/test everything yourself first before using/implementing this in production!
This is today’s opinion/technology, it might be different tomorrow and will definitely be different in 10 years!
DISCLAIMER:
https://jorgequestforknowledge.wordpress.com/disclaimer/
————————————————————————————————————————————————————-
########################### Jorge’s Quest For Knowledge ##########################
####################
http://JorgeQuestForKnowledge.wordpress.com/ ###################
————————————————————————————————————————————————————-

Advertisements

2 Responses to “(2017-06-28) Azure AD Connect Wizard Chooses To Sync All Instead Of Already Selected OUs/Domains”

  1. […] Also explained here, including solution: (2017-06-28) Azure AD Connect Wizard Chooses To Sync All Instead Of Already Selected OUs/Domains […]

  2. […] « (2017-06-28) Azure AD Connect Wizard Chooses To Sync All Instead Of Already Selected OUs/Domain… […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: