How To Do Delta Sync

Trigger Azure AD Connect synchronization with PowerShell

The delta sync in Azure AD Connect is the most common form of synchronization. It only performs a partial synchronization of any changes since last synchronization, so it’s very quick.

How to Sync Azure AD Connect From AD

With Easy365Manager, a simple snap-in for AD Users & Computers, you can do it from the properties of any user account:

To learn more about Easy365Manager watch this on-demand webinar.

Without Easy365Manager, you’ll need to use PowerShell.

How to Sync Azure AD Connect From PowerShell

Use the following PowerShell command to trigger an Azure AD Connect delta synchronization:

Start-ADSyncSyncCycle -PolicyType Delta

You must be logged in to the Azure AD Connect server to run this command.

Alternatively, if remote PowerShell is enabled on your AAD Connect server you can remote it like this:

Enter-PSSession [AAD Connect Server]
Start-ADSyncSyncCycle -PolicyType Delta
Exit-PSSession

Troubleshooting

The most common problems you’ll encounter with this command are the following:

Delta Sync Error: AAD is Busy

A busy AAD Connector will throw something like this at you:

Start-ADSyncSyncCycle : System.InvalidOperationException:
   Connector: skrubbeltrang.onmicrosoft.com - AAD is busy.
   at Microsoft.MetadirectoryServices.Scheduler.Scheduler.StartSyncCycle
   (String overridePolicy, Boolean interactiveMode)
   at SchedulerUtils.StartSyncCycle(SchedulerUtils* , Char* policyType,
   Int32 interactiveMode, Char** errorString)
At line:1 char:1
+ Start-ADSyncSyncCycle -PolicyType Delta
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError:
   (Microsoft.Ident...ADSyncSyncCycle:StartADSyncSyncCycle)
   [Start-ADSyncSyncCycle], InvalidOperationException
   + FullyQualifiedErrorId : System.InvalidOperationException:
   Connector: skrubbeltrang.onmicrosoft.com - AAD is busy.
   at Microsoft.MetadirectoryServices.Scheduler.Scheduler.StartSyncCycle
   (String overridePolicy, Boolean interactiveMode)
   at SchedulerUtils.StartSyncCycle(SchedulerUtils* , Char* policyType,
   Int32 interactiveMode, Char** errorString)
   ,Microsoft.IdentityManagement.PowerShell.Cmdlet.StartADSyncSyncCycle

The meaning of this error message is that the AAD Connector is currently synchronizing, so you’ll have to wait until it’s done.

Depending on the type of synchronization and amount of data you can just try again after waiting a few seconds.

Delta Sync Error: Azure AD Connect scheduler is unable to start

With this type of issue you’ll get an error message similar to this:

Start-ADSyncSyncCycle : System.InvalidOperationException: Azure AD Connect scheduler is unable to start
   a new sync cycle because Azure AD Connect wizard is open. Please close the wizard if it is not in use.
   at Microsoft.MetadirectoryServices.Scheduler.Scheduler.StartSyncCycle(String overridePolicy,
   Boolean interactiveMode)
   at SchedulerUtils.StartSyncCycle(SchedulerUtils* , Char* policyType, Int32 interactiveMode,
   Char** errorString)
At line:1 char:1
+ Start-ADSyncSyncCycle -PolicyType Delta
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError: (Microsoft.Ident...ADSyncSyncCycle:StartADSyncSyncCycle)
   [Start-ADSyncSyncCycle], InvalidOperationException + FullyQualifiedErrorId : System.InvalidOperationException:
   Azure AD Connect scheduler is unable to start a new sync cycle because Azure AD Connect wizard is open.
   Please close the wizard if it is not in use.
   at Microsoft.MetadirectoryServices.Scheduler.Scheduler.StartSyncCycle(String overridePolicy, Boolean interactiveMode)
   at SchedulerUtils.StartSyncCycle(SchedulerUtils* , Char* policyType, Int32 interactiveMode, Char** errorString),
   Microsoft.IdentityManagement.PowerShell.Cmdlet.StartADSyncSyncCycle

The meaning of this error message is that the AAD Connect wizard is open by someone. It could be yourself or one of your colleagues working in a different session to the server.

To find the culprit use the Get-Process PowerShell command:

PS C:\Windows\system32> Get-Process AzureADConnect -IncludeUserName

Handles      WS(K)   CPU(s)     Id UserName               ProcessName
-------      -----   ------     -- --------               -----------
    576     188748     2.33   2880 GIGACORP\adm.ad.jane   AzureADConnect

Or check with TaskManager:

AzureADConnect.exe

Now, that you have the name of the perpetrator who forgot to close the AAD Connect wizard, take a screenshot! It makes for good evidence who should be buying cake next Wednesday 😉

How to Manage Office 365 Mailboxes From AD

Many admins are frustrated that you need multiple web consoles, PowerShell, and an on-premises Exchange Server in order to manage Office 365.

With Easy365Manager, all daily Office 365 mailbox operations can be done from AD Users & Computers. Even configuration of calendar permissions, which is normally only available via complex PowerShell scripting:

Easy365Manager is a small snap-in to AD Users & Computers that extends user properties with two new tabs, so you no longer have to switch between multiple web consoles to perform daily management:

User Properties Tycho Brahe License Management
Click to enlarge
Exchange Online Mailbox properties in AD Users & Computers
Click to enlarge

With Easy365Manager, you can perform all daily tasks from AD Users & Computers:

  • Assign Office 365 licenses
  • Manage shared mailbox delegation
  • Configure calendar permissions
  • Configure proxyAddresses (with format and uniqueness check)
  • Replicate Azure AD Connect

And a lot more. See the complete feature list here

Additionally, Easy365Manager lets you remove your on-premises Exchange Server. This will give you 100% protection from future zero-day exploits targeting Exchange Server.

Try the fully functional 30-day trial now. It only takes a few minutes to install, has zero learning curve, and you’re guaranteed to have saved hours of work before the end of the week!