Hey everyone! I'm in the process of syncing AD Connect with our Microsoft 365 setup, but I've got a bit of a question. How do I properly link our on-prem Active Directory accounts with the existing Microsoft 365 accounts? I need to avoid ending up with duplicate accounts, and I'm not quite sure how to handle that part. Any advice would be super helpful!
1 Answer
You'll want to check out the ms-ds-consistencyguid field in AD. Essentially, you need to take the objectguid from your on-prem setup and put it in the ms-ds-consistencyguid. Then when you sync, these accounts will link. Just remember to convert the values from objectguid using some PowerShell first. It's usually smart to test by syncing just a few accounts from a specific OU first to make sure everything's set up correctly.
Exactly! Before you get too deep, make sure your UPNs match between on-prem and cloud. This makes the whole process a lot smoother. It wouldn’t hurt to run a test with a small group of users in a temp OU to check everything.