Wednesday , October 16 2019

Azure Active Directory Sync – Choose Specific OUs

Most Common Mistakes. On First Run – Admins – Run Azure Active Directory Sync and Choosing the whole domain/directory to sync.

And later realize they sync so much garbage accounts to Cloud.

Lets see how to cleanup this mess.

Open Azure Active Directory PowerShell.

Set-ADSyncScheduler –SyncCycleEnabled $False

clip_image001

Open Azure Synchronization Service Manager.

Right Click Properties.

image

Choose Containers –

image

Choose the OUs you need who has users and groups and computers which are running windows 10 to leverage azure feature sets

image

Now run a Full Import

image

Now you can see the Deletes –

image

if you see below error

Stopped-deletion-Threshold-exceeded.

Disable (Prevents accidental deletes) – Temporarily. use below command

Disable-ADSyncExportDeletionThreshold

image

Enabled it back (Prevents accidental deletes)

Enable-ADSyncExportDeletionThreshold

Enable Sync Scheduler Back.

Set-ADSyncScheduler –SyncCycleEnabled $True

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Save Public IPs using F5 LTM Policies

F5 has different modules and one of them is LTM – Local Traffic Manager . ...

Leave a Reply

Your email address will not be published.