Hi,

Hopefully this is the correct forum. I tried searching for an answer before (both on forum and google), but nothing came up.

I'm deploying an Azure Web application at a customer make their internal SP solution available from outside their corp environment. After some dns and kreberos issues i have managed to get this going, and almost everything works. No ADFS on this customer.

so far i've made 3 "azure applications" avalible: SP portal, SP Profile, Office Web Apps (called OWA from now on). Both SP portal and SP profile sites works very well, but i've hit a snag enabling OWA.

OWA runs within a Iframe on the SP site, and because of security, the x-frame-option on SP is set to SAMEORIGIN. this creates some issues when the end user first tries to get OWA content, as azure authentication is needed. The end user end up getting either an standard - error from OWA (chrome) or "This content cannot be displayed in a frame" (IE11+Edge). 

The weird thing is that its not the SP site that complains about frame (fiddler shows sameorigin but still sends request to MS login). Its the Azure login page (x-frame-options:deny).

Does anyone know of a way to get around this?

We are syncing our on premis accounts to Azure Active Directory. The attributes we have chosen are default (3rd party apps and CRM-online), with other attributes selected within the AD Connect Sychronizatoin Service.

The Attribute i am wondering about is the 'department' attribute. Our users have that field filled out with their accounts (on premis), yet when we synchronize the accounts to the cloud. The department field is blank.

Do you know if we have to setup a custom inboud/outbound rule that would map both attributes?

What puzzles me is that other attributes get filled out correctly (mobile phone, postal code, title) etc.. just the department field is blank.

help!!!

Hi

I am having issues with the Azure AD Connect.

It was installed and syncing OK than last week it stop syncing. It would error when I tired to run the tool. and the service would not start.

After many attempts to fix it it was decided to remove it and then re add it again. I went to remove it and then the server started to max out the CPU. 

I managed to get the server to respond my using msconfig and disable the azure sync service. I was then able to manually remove azure with ref to the like below. https://blogs.msdn.microsoft.com/vilath/2015/06/17/azure-ad-sync-unable-to-install-the-synchronization-service/

When trying to run the AzureADConnect installer again it comes up with remote or repair I have therefore run the remove a few times.

Now when I run it it still comes up with the remove or repair, however if I run the repair I get the error below. Any ideas? error log is also below

.

[15:03:05.340] [  1] [INFO ]
[15:03:05.445] [  1] [INFO ] ================================================================================
[15:03:05.445] [  1] [INFO ] Application starting
[15:03:05.445] [  1] [INFO ] ================================================================================
[15:03:05.445] [  1] [INFO ] Start Time (Local): Fri, 03 Jun 2016 15:03:05 GMT
[15:03:05.445] [  1] [INFO ] Start Time (UTC): Fri, 03 Jun 2016 14:03:05 GMT
[15:03:05.447] [  1] [INFO ] Application Version: 1.1.180.0
[15:03:05.447] [  1] [INFO ] Application Build Date: 2016-05-07 06:11:06Z
[15:03:05.447] [  1] [INFO ] Application Build Identifier: AD-IAM-HybridSync master (1096551)
[15:03:06.673] [  1] [INFO ] machine.config path: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config.
[15:03:06.673] [  1] [INFO ] Default Proxy [ProxyAddress]: <Unspecified>
[15:03:06.673] [  1] [INFO ] Default Proxy [UseSystemDefault]: Unspecified
[15:03:06.673] [  1] [INFO ] Default Proxy [BypassOnLocal]: Unspecified
[15:03:06.673] [  1] [INFO ] Default Proxy [Enabled]: True
[15:03:06.673] [  1] [INFO ] Default Proxy [AutoDetect]: Unspecified
[15:03:06.688] [  1] [INFO ] AADConnect changes ALLOWED: Successfully acquired the configuration change mutex.
[15:03:06.704] [  1] [INFO ] RootPageViewModel.GetInitialPages: Beginning detection for creating initial pages.
[15:03:06.709] [  1] [INFO ] Checking if machine version is 6.1.7601 or higher
[15:03:06.720] [  1] [INFO ] The current operating system version is 6.3.9600, the requirement is 6.1.7601.
[15:03:06.720] [  1] [INFO ] Password Sync supported: 'True'
[15:03:06.727] [  1] [INFO ] DetectInstalledComponents stage: The installed OS SKU is 7
[15:03:06.732] [  1] [INFO ] DetectInstalledComponents stage: Checking install context.
[15:03:06.734] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Online Services Sign-In Assistant for IT Professionals
[15:03:06.735] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:06.738] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {03c97135-0e31-4334-9215-63827d4f07d4}: no registered products found.
[15:03:06.739] [  1] [INFO ] Determining installation action for Microsoft Online Services Sign-In Assistant for IT Professionals (03c97135-0e31-4334-9215-63827d4f07d4)
[15:03:06.739] [  1] [INFO ] Product Microsoft Online Services Sign-In Assistant for IT Professionals is not installed.
[15:03:06.739] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure Active Directory Module for Windows PowerShell
[15:03:06.739] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:06.741] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bbf5d0bf-d8ae-4e66-91ab-b7023c1f288c}: verified product code {43cc9c53-a217-4850-b5b2-8c347920e500}.
[15:03:06.741] [  1] [VERB ] Package=Windows Azure Active Directory Module for Windows PowerShell, Version=1.0.0, ProductCode=43cc9c53-a217-4850-b5b2-8c347920e500, UpgradeCode=bbf5d0bf-d8ae-4e66-91ab-b7023c1f288c
[15:03:06.742] [  1] [INFO ] Determining installation action for Microsoft Azure Active Directory Module for Windows PowerShell
[15:03:06.796] [  1] [INFO ] CheckInstallationState: Packaged version (1.1.180.0), Installed version (0.0.0).
[15:03:06.796] [  1] [INFO ] CheckInstallationState: AAD PowerShell will be extracted (1.1.180.0 > 0.0.0).
[15:03:06.796] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Visual C++ 2013 Redistributable Package
[15:03:06.796] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:06.796] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {20400cf0-de7c-327e-9ae4-f0f38d9085f8}: no registered products found.
[15:03:06.796] [  1] [INFO ] Determining installation action for Microsoft Visual C++ 2013 Redistributable Package (20400cf0-de7c-327e-9ae4-f0f38d9085f8)
[15:03:06.796] [  1] [INFO ] Product Microsoft Visual C++ 2013 Redistributable Package is not installed.
[15:03:06.796] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Directory Sync Tool
[15:03:06.797] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:06.797] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}: no registered products found.
[15:03:06.797] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {dc9e604e-37b0-4efc-b429-21721cf49d0d}: no registered products found.
[15:03:06.797] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {545334d7-13cd-4bab-8da1-2775fa8cf7c2}: verified product code {6a32d887-8e8c-4872-8e57-8a81a5eb3a1c}.
[15:03:06.797] [  1] [VERB ] Package=Microsoft Azure AD Connect synchronization services, Version=1.1.130.0, ProductCode=6a32d887-8e8c-4872-8e57-8a81a5eb3a1c, UpgradeCode=545334d7-13cd-4bab-8da1-2775fa8cf7c2
[15:03:06.802] [  1] [INFO ] Determining installation action for Microsoft Directory Sync Tool UpgradeCodes {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}, {dc9e604e-37b0-4efc-b429-21721cf49d0d}
[15:03:06.802] [  1] [INFO ] DirectorySyncComponent: Product Microsoft Directory Sync Tool is not installed.
[15:03:06.802] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Sync Engine
[15:03:06.802] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:06.802] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {545334d7-13cd-4bab-8da1-2775fa8cf7c2}: verified product code {6a32d887-8e8c-4872-8e57-8a81a5eb3a1c}.
[15:03:06.803] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {dc9e604e-37b0-4efc-b429-21721cf49d0d}: no registered products found.
[15:03:06.803] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {bef7e7d9-2ac2-44b9-abfc-3335222b92a7}: no registered products found.
[15:03:06.803] [  1] [VERB ] Package=Microsoft Azure AD Connect synchronization services, Version=1.1.130.0, ProductCode=6a32d887-8e8c-4872-8e57-8a81a5eb3a1c, UpgradeCode=545334d7-13cd-4bab-8da1-2775fa8cf7c2
[15:03:06.804] [  1] [INFO ] Determining installation action for Azure AD Sync Engine (545334d7-13cd-4bab-8da1-2775fa8cf7c2)
[15:03:06.873] [  1] [VERB ] Check product code installed: {4e67cad2-d71b-4f06-a7ae-bb49c566bb93}
[15:03:06.873] [  1] [INFO ] GetProductInfoProperty({4e67cad2-d71b-4f06-a7ae-bb49c566bb93}, VersionString): unknown product
[15:03:06.874] [  1] [INFO ] AzureADSyncEngineComponent: Product Azure AD Sync Engine (version 1.1.130.0) is installed, needs to be upgraded to version 1.1.180.0.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Connect Health agent for sync
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {114fb294-8aa6-43db-9e5c-4ede5e32886f}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Azure AD Connect Health agent for sync (114fb294-8aa6-43db-9e5c-4ede5e32886f)
[15:03:07.042] [  1] [INFO ] Product Azure AD Connect Health agent for sync is not installed.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure AD Connect agent
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {a8b03820-e701-44d7-b65e-6ffbb866a861}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Azure AD Connect agent (a8b03820-e701-44d7-b65e-6ffbb866a861)
[15:03:07.042] [  1] [INFO ] Product Azure AD Connect agent is not installed.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Command Line Utilities
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {52446750-c08e-49ef-8c2e-1e0662791e7b}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Command Line Utilities (52446750-c08e-49ef-8c2e-1e0662791e7b)
[15:03:07.042] [  1] [INFO ] Product Microsoft SQL Server 2012 Command Line Utilities is not installed.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Express LocalDB
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {c3593f78-0f11-4d8d-8d82-55460308e261}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Express LocalDB (c3593f78-0f11-4d8d-8d82-55460308e261)
[15:03:07.042] [  1] [INFO ] Product Microsoft SQL Server 2012 Express LocalDB is not installed.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft SQL Server 2012 Native Client
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {1d2d1fa0-e158-4798-98c6-a296f55414f9}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Microsoft SQL Server 2012 Native Client (1d2d1fa0-e158-4798-98c6-a296f55414f9)
[15:03:07.042] [  1] [INFO ] Product Microsoft SQL Server 2012 Native Client is not installed.
[15:03:07.042] [  1] [INFO ] Performing direct lookup of upgrade codes for: Microsoft Azure AD Connect Azure AD Connector
[15:03:07.042] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.042] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {fb3feca7-5190-43e7-8d4b-5eec88ed9455}: no registered products found.
[15:03:07.042] [  1] [INFO ] Determining installation action for Microsoft Azure AD Connect Azure AD Connector (fb3feca7-5190-43e7-8d4b-5eec88ed9455)
[15:03:07.042] [  1] [INFO ] Product Microsoft Azure AD Connect Azure AD Connector is not installed.
[15:03:07.043] [  1] [INFO ] Determining installation action for Microsoft Azure AD Connection Tool.
[15:03:07.461] [  1] [WARN ] Failed to read DisplayName registry key: An error occurred while executing the 'Get-ItemProperty' command. Cannot find path 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MicrosoftAzureADConnectionTool' because it does not exist.
[15:03:07.481] [  1] [INFO ] Product Microsoft Azure AD Connection Tool is not installed.
[15:03:07.481] [  1] [INFO ] Performing direct lookup of upgrade codes for: Azure Active Directory Connect
[15:03:07.481] [  1] [VERB ] Getting list of installed packages by upgrade code
[15:03:07.482] [  1] [INFO ] GetInstalledPackagesByUpgradeCode {d61eb959-f2d1-4170-be64-4dc367f451ea}: verified product code {239fa20d-c95c-406b-8b07-5be6c373a4ff}.
[15:03:07.485] [  1] [VERB ] Package=Microsoft Azure AD Connect, Version=1.1.180.0, ProductCode=239fa20d-c95c-406b-8b07-5be6c373a4ff, UpgradeCode=d61eb959-f2d1-4170-be64-4dc367f451ea
[15:03:07.485] [  1] [INFO ] Determining installation action for Azure Active Directory Connect (d61eb959-f2d1-4170-be64-4dc367f451ea)
[15:03:07.487] [  1] [INFO ] Product Azure Active Directory Connect (version 1.1.180.0) is installed.
[15:03:07.487] [  1] [INFO ] DetectInstalledComponents stage: Sync engine upgrade required.
[15:03:08.120] [  1] [INFO ] CallExportSyncConfig: launching ExportSyncConfig.exe.
[15:03:08.587] [  1] [INFO ] ServiceControllerProvider: verifying Microsoft Azure AD Sync is in state (Running)
[15:03:08.587] [  1] [ERROR] Caught an exception while creating the initial page set on the root page.
Exception Data (Raw): System.InvalidOperationException: Service Microsoft Azure AD Sync was not found on computer '.'. ---> System.ComponentModel.Win32Exception: The specified service does not exist as an installed service
   --- End of inner exception stack trace ---
   at System.ServiceProcess.ServiceController.GenerateNames()
   at System.ServiceProcess.ServiceController.get_ServiceName()
   at System.ServiceProcess.ServiceController.GenerateStatus()
   at System.ServiceProcess.ServiceController.get_Status()
   at Microsoft.Online.Deployment.Types.Providers.ServiceControllerProvider.IsServiceInState(String serviceName, ServiceControllerStatus desiredStatus)
   at Microsoft.Online.Deployment.OneADWizard.Runtime.Stages.DetectInstalledComponents.Execute(String& message, GlobalContext existingContext, Boolean& isPasswordSyncSupported)
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.RootPageViewModel.GetInitialPagesCore()
   at Microsoft.Online.Deployment.OneADWizard.UI.WizardPages.RootPageViewModel.GetInitialPages()
[15:06:21.020] [  1] [INFO ] Opened log file at path C:\Users\Administrator\AppData\Local\AADConnect\trace-20160603-150304.log

Well this is my first post in MSDN so I hope it goes well...

I recently moved from a local domain to using AZURE AD as well.

I have started adding my laptops to AZURE AD and I have run into a problem when adding new users past the first admin account I log in with.

I can create the initial user just fine and add a pin.. this is the admin account in Office 365. But when I go to add any other users that are non admin accounts, I am unable to create a pin when creating their user on the system. It hangs at the next button screen to add a PIN.

Im not sure if this is a permissions issue or a limitation with Windows 10. Any help is greatly appreciated as I am stumped.

Azure AD Connect not syncing anymore with the latest version. Export profile from on premise AD Fails always.

These events in eventviewer

Any ideas?

I am using the graph api to retrieve a list of members of a group. The AAD Tenant could be large and I assume a given group can also be large. I would like to restrict the amount of user data in the response. I notice $select is supported for differential queries but appears from the docs that it is not supported for general queries. I receive the error message below:

{"odata.error":{"code":"Request_BadRequest","message":{"lang":"en","value":"The ability to use the $select query option to define a projection in a data service query is disabled. To enable this functionality, set the DataServiceConfiguration. AcceptProjectionRequests property to true."}}}

Is there a way to get this type of functionality another way? 

Thanks! 

Hello Teams!

An Azure AD customer @GSDware via Twitter is experiencing difficulties with removing an older AD tenant. The customer has attempted to utilize PowerShell, but unable to finish the removal process. The customer is receiving the error: "Directory contains one or more applications that were added by a user or administrator."

The only app that is Office 365 Management. They can't delete the app and no apps are listed under 'Apps my company owns."

Are there additional steps the customer can attempt? Thank you!

Twitter conversation: https://twitter.com/GSDware/status/738782761251688448

@AzureSupport

Ok, so this seems to be a popular question but I've got a wrinkle with the solution. We just replaced DirSync with Azure ADConnect, and everything went well. However, AAD Connect does not seem to automatically sync over the msExchHideFromAddressLists attribute, and you have to create a custom transformation to sync this from on-prem AD. We have a number of AD users with this value set to True so they are hidden from the GAL. I followed the instructions here to create the transformation:

https://community.office365.com/en-us/f/148/t/280163

This seemed to fix the problem at first, but I found that I still have a small percentage of mailboxes that did not get this attribute synced over. I've tried forcing it by flipping the value to False and running a sync, then flipping it back to True and syncing again, but this did not work. Is there something I am missing?

We're seeing this on all PC's joined during the OOBE setting up Windows 10. You set up the machine, login with the domain/AAD account, set up the PIN, setup Office 365, login about a gazillion times with the same credentials.

When you go to the Accounts - Sync Settings you can't turn it on. We'd like to be able to have users sync settings with their AAD account. But even if you add an MSA account, sync settings is disabled. So you can't get any settings already set up and have to go through a tedious manual process for every box. Plus all their apps need setup because no sync.

Is there something that needs to be turned on to allow this, or at least allow MSA settings to sync? We're trying to move all the way to Windows 10, but a lot of this doesn't seem finished yet...

Oh, and on the logins issue--there is a lot of work to do here. You put in the credentials over and over and over and over. It seems like there should be a master login (AAD) and then feed those credentials for everything in that user session. Then if they add an MSA, just use that popup to pick which to use (but not log in over and over).

Office apps, Office web, Intune, local Win32 apps, Windows Store (for business), etc. At least use the biometrics or PIN rather than full on login. Even logging into one app goes like this

Windows: LOGIN
Me: emailaddress...tab...
WINDOWS: STOP! Microsoft Account or Work/School Account?
ME: work...
WINDOWS: STOP! let me clear what you already typed and make you retype username and password.
ME: ugh...username...password
OFFICE: STOP! do you accept the agreement?
ME: yes...
OFFICE: you need to ACTIVATE, close and reopen
Me: okay....closing and reopening, oops! I picked Word mobile instead of...
WORD MOBILE: STOP! You need to login to edit files
Me: okay....username....
WORD MOBILE: STOP! Microsoft Account or Work/School?

By now Skype for Business has started up, sitting there with a taunting 'I dare you' to log in. Oh and OneDrive for Business needs you to go login to the web and sync, and the store would like you to log in, and by the way so would all the apps because you can't sync settings....

God help me if I have two factor authentication turned on, just makes it worse.

ME: ugh I quit. I'll go make a sandwich and do this later.

It's comical how many times I put in the exact same credentials on a new corporate box (or consumer one). Users get truly confused by this, so we always remote in on their first use to walk them through all the logging in.

Curt Kessler - FLC

I'm trying to install Azure AD Connect on a 2012 R2 server, but at the step where it tries to install the synchronization service, it failed. Applications logs are normal until they  reach "Local DB instance owner sid is S-1-5-21-2629177484-837856900-1119727339-1006"

then its followed by:

I've tried on two different servers with the same exact result. 

I am installing version 1.1.189.0 that came out today. 

Anyone else have the same issue?

Can someone provide a link to a prior version as well?

Thanks

Configured Azure AD Connect and everything is working well. But i have a question about the metaverse designer. From what i understand the schema of the connected source, in this case AD, is imported into the metaverse (sql database) right? But you can't delete an attribute from a connected source AD schema in the metaverse designer? 

The best option to remove, for example a telephone number, is to deselect the attribute on the AD connector and create a new inbound synchronisation rule and set a value to 'AuthoritativeNull'.

So when do you start using the metaverse designer? The default attributes can't be deleted but you can add new ones? However the schema that's imported should contain all the attributes, so i'm confused?

Hi

How do I setup Azure so that each user in Office365 can change there passwords themselves?

I had to turn off Active Directory Synchronization, so all users are in the cloud. I’m reinstalling Windows Azure on the VM Server again. I’m getting the following warning when I go to do this:

Do you want to activate Active Directory synchronization?
When you activate and configure directory synchronization, objects in your on-premises Active Directory may overwrite existing objects in the Microsoft Office 365 directory. Specifically, if a user, group, or contact object in the Microsoft Office 365 directory matches an object that is being synchronized from an on-premises object, the Microsoft Office 365 object will be overwritten.

This can result in data loss. The risk of data loss is much greater for organizations that have activated, deactivated, and then reactivated directory synchronization.

We strongly recommend that you back up user data before you reactivate directory synchronization.

Regards,
RD80

Hi

For the last 17 days I have been trying to create a support request to the Azure AD team. I have an Office 365 and EMS (which includes Azure AD Premium) subscription.

I created a support request on https://portal.office.com. The reply I got was to use https://portal.azure.com to get Azure AD support.

When trying to create a support request on https://portal.azure.com I get the message that I do not have a subscription. The only request possible is support for subscription issues. I created a subscription support request asking my original Azure AD question and also if the message on https://portal.azure.com is to be expected.

The reply I got was that I should ask for Azure AD support on https://portal.office.com and that it is as designed that I can not create support requests on https://portal.azure.com.

Now I have two support engineers telling me to create Azure AD support requests on the other portal since they don't do Azure AD support. And both of them are unable to transfer my support request to the Azure AD team.

Do anybody on this forum know how to create Azure AD support requests when I have an Office 365 and EMS subscription and no other Azure subscriptions?

Any info is appreciated.

Jesper

Upgraded Azure AD Connect to the latest version, the update itself went without any problems. 

I've disabled the schedule and enabled staging mode, after that enabled the sync schedule. Exported the results to a csv file and noticed that it will modify the mail attribute for all synced users. Why is this? 

There weren't any modified default rules in place, else it would show a message at the end of the wizard, but just in case i've exported all rules (in- and outbound)

The message is below, it shows it will delete the mail attribute? I'm not sure why it wants to do that, during an update it should preserve all the settings from the previous version according to the documentation. 

hi!

Great news that the AD Connect now already is able to sync AD to the preview german cloud. I wonder how you decide in which cloud to sync because there was no cloud selection at all. Do you simply use the user@foo.onmicrosoft.de vs. user@bar.onmicrosoft.com or is there a better way or query to decide this? I'm asking because a lot of other tools are missing this autodetect feature...  

Ralf.

Ralf Wigand, MVP Windows Server:Directory Services

When installing the Azure Active Directory Connect tool for sync with 365, it will stop at the window for "Connect to AD DC" and has a error of :  "An error occurred while retrieving the forest name. Current security context is not associated with an Active Directory domain or forest. "

That is all it tells us so not sure where to go next ????

Thank you,

Julie2Bee