Fun With Azure AD Connect
Published on April 10, 2017 by arothstein
Azure AD Connect is a software bundle, provided by Microsoft, that facilitates synchronization between your on-premises Active Directory and a remote Office365 tenant space. It allows an organization to manage its AD locally, while any additions or changes to Directory Objects are mirrored in Office365 on a scheduled basis.
Depending on the size of your Directory and the number of objects in your scope, synchronization can be scheduled on a frequency that best suits your needs. Be default, updates to your AD are synchronized with Office365 every 30 minutes. PowerShell can be used to configure the frequency of the synchronization schedule, however 30 minutes is the smallest interval between cycles allowed by the scheduler. On occasion, you may need to execute a cycle to run sooner than the next scheduled cycle. I’ll demonstrate below how to create a batch, which will allow you to run a cycle on demand.
Creating an On Demand Batch
Using the Synchronization Service Manager, components within a synchronization cycle can be exported as individual script files. These components can be saved and later ran from a command-line. In our environment, a sync cycle is comprised of 6 stages. The predefined order of these stages is important. The Import and Sync stages are looking for any changes since the last cycle completed and the Export stage transfers these changes to the respective environment.
Checking Your Cycle
|To determine the stages in your environment, open Synchronization Service Manager and click on the Operations tab. Scan through the log for a logical grouping of operations based on Start and End Times.|
|To export script files, open Synchronization Service Manager and click on the Connectors tab. Right-click on each connector and select Configure Run Profiles.|
|From the Configure Run Profiles dialog box, select a run profile from the list and click Script. Save this run profile to a file on your server. Repeat these steps for each Connector and run profile in your cycle.|
Making a Batch File
Once all stages have been saved, create a new file named “run.cmd” in the same folder. Edit this file and add the following lines:
cscript [replace with name of Internal Delta Import file].vbs
cscript [replace with name of External Delta Import file].vbs
cscript [replace with name of Internal Delta Sync file].vbs
cscript [replace with name of External Delta Sync file].vbs
cscript [replace with name of External Export file].vbs
cscript [replace with name of Internal Export file].vbs
You can execute run.cmd at any time. I would recommend having Synchronization Service Manager open to the Operations tab to monitor your batched cycle and to avoid running your batch at a time when a schedule cycle is running.
- POSTED IN: