Azure AD Connect is the synchronization service that will ensure your local Active Directory and Office 365 are kept in sync.
Maybe it’s been a while since you installed Azure AD Connect. Or perhaps you’ve taken over the administration of someone else’s undocumented mess?
Fortunately, you can find your Azure AD Connect Server with two different approaches.
Find Azure AD Connect Using the MSOnline PowerShell Module
The MSOnline PowerShell module has a super-secret method. You’ll have a hard time digging out of the documentation found at Microsoft:
(Get-MsolCompanyInformation).DirSyncClientMachineNameThe attribute DirSyncClientMachineName is not even mentioned in the official documentation of the Microsoft.Online.Administration.CompanyInformation object.
But it (still) works like a charm:
PS C:\> (Get-MsolCompanyInformation).DirSyncClientMachineName DC-01
Find Azure AD Connect Using Active Directory
To identify the Azure AD Connect server using AD information, the following command is a neat trick:
Get-ADUser -LDAPFilter "(description=*configured to synchronize to tenant*)" -Properties description | % { $_.description.SubString(142, $_.description.IndexOf(" ", 142) - 142)}(the script requires that the Active Directory PowerShell module is available on your system)
If the Azure AD Connect installation was performed according to defaults, the output would be the server name of the Azure AD Connect server, e.g., something like this:
PS C:\> Get-ADUser -LDAPFilter "(description=*configured to synchronize to tenant*)"
-Properties description | % { $_.description.SubString(142, $_.description.IndexOf(" ", 142) -142)}
DC-01
In a default installation, your Azure AD Connect server creates an AD synchronization account named “MSOL_[12 hex chars].
This account is configured with a description property similar to this:
Account created by Microsoft Azure Active Directory Connect with installation identifier f501fa0aee0340a0b9c1a93ddc6e7d19 running on computer DC-01 configured to synchronize to tenant easy365manager.onmicrosoft.com. This account must have directory replication permissions in the local Active Directory and write permission on certain attributes to enable Hybrid Deployment.
The above PowerShell script searches for a description field similar to this and extracts the server name.
For simplicity, The PowerShell script assumes the server name appears at char 142. However, this may change in the future.
Also, if you upgraded Azure AD Connect by installing it to a new server, you’ll find several similar values. In that case, you can look at the creation date of the entries.
How to Synchronize Azure AD Connect From AD
Many admins are frustrated that you need multiple web consoles, PowerShell, and an on-premises Exchange Server in order to manage Office 365.
With Easy365Manager, all daily Office 365 mailbox operations, including Azure AD synchronization, can be done from AD Users & Computers:
Easy365Manager is a small snap-in to AD Users & Computers that extends user properties with two new tabs, so you no longer have to switch between multiple web consoles to perform daily management:
With Easy365Manager, you can perform all daily tasks from AD Users & Computers:
- Assign Office 365 licenses
- Manage shared mailbox delegation
- Configure calendar permissions
- Configure proxyAddresses (with format and uniqueness check)
- Replicate Azure AD Connect
And a lot more. See the complete feature list here.
Additionally, Easy365Manager lets you remove your on-premises Exchange Server. This will give you 100% protection from future zero-day exploits targeting Exchange Server.
Try the fully functional 30-day trial now. It only takes a few minutes to install, has zero learning curve, and you’re guaranteed to have saved hours of work before the end of the week!