Let’s see what to do when azure ADSync synchronize you on Premise AD user to azure to @domain.onmicrosoft.com. In most cases it was done when i have already existing user username@mydomain.tld. Fortunately this is fixable problem. So what to do?
First of all you will need to find ObjectGUID of users which you want update. This can be retrieved form you local AD. But not that one you can find in MMC if you check users atribute. This format is not accepted with Azure AD, so there is another way to obtain it. We use tool called LDIFDE.
This tool can export/inport data from/to Active Directory. You can find more about it here https://support.microsoft.com/en-us/help/555636.
So let’s export users data to txt file by following command
Getting ObectGuid
| |
| |
So and this is right format which we will need to set up to account in Azure AD in case of sinchronization. But first you will need remove existing account.
Updating our Azure AD user
You will need to connect to office 365 via Powershell. So if you dont have MSOnline extension install it
| |
Connect to Your Office 365
| |
Update Guid to your existing user
| |
If there exists user which already using this id you will getting error on output so at first you will need remove existing user with this id.
Stop synchronization betweehn AD and Azure AD (by opening azure AD configuration)
To get existing user use:
| |
If user was deleted is perhaps in recycle Bin and is not returned in output so use following command to show it
| |
This command give you same result but for deleted users.
OK. Now remove this user
| |
and remove him from recycle bin
| |
Thats all. Now close ADSync config screen and wait until synchronization si conplete or in powershell run ` Start-ADSyncSyncCycle'.