Export (0) Print
Expand All
9 out of 14 rated this helpful - Rate this topic

Verify directory synchronization

Published: June 8, 2012

Updated: February 20, 2014

Applies To: Office 365, Windows Azure, Windows Intune

noteNote
This topic might not be completely applicable to users of Windows Azure in China. For more information about Windows Azure service in China, see windowsazure.cn.

If you want to know that your Active Directory synchronization is provisioning users, groups, and contacts from on-premises apps to the cloud correctly, you must verify your directory synchronization. By verifying your directory synchronization, you can license users that were provisioned using the Windows Azure Active Directory Sync tool.

TipTip
Using Office 365? By verifying your directory synchronization, you can check that the Windows Azure Active Directory Sync tool is syncing and keeping the Global Address List (GAL) up-to-date in the cloud.

To verify that the Directory Sync tool is working, you need to test both manual synchronization and automatic synchronization. It may take up to three hours to complete this process.

The Directory Sync tool writes entries to the directory synchronization computer's event log. These entries indicate the start and end of a directory synchronization session. Directory synchronization errors are also reported in the event log and sent via e-mail to your organization's designated technical contact. When reviewing the event log, look for entries whose source is Directory Synchronization. An entry designated Event 4 and with the description The export has completed indicates that the directory synchronization is complete.

When directory synchronization is installed, the local Active Directory becomes the master for all changes to the synchronized mail-enabled objects in Windows Azure Active Directory (Windows Azure AD). In the following procedures, you will make changes to mail-enabled objects in your local Active Directory and verify those changes in Windows Azure AD.

  1. Ensure that there is a valid email address for your organization's designated cloud service technical contact.

  2. Sign in to the cloud service with service administrator credentials.

  3. Verify the additional properties of a specific user account (such as Job title, Department, or Street address) that will be synchronized from your local Active Directory to Windows Azure AD.

  4. Verify that you cannot edit the additional properties of that user account in Windows Azure AD.

  5. Log on to your local Active Directory with the permissions needed to edit user accounts, contacts, and distribution groups.

  6. In your local Active Directory, make a simple but obvious change to one of the additional properties of the specific user account.

  7. Open the Windows Azure Active Directory Sync tool Configuration Wizard.

    1. Provide the information requested on the wizard pages.

    2. On the Finished page, select Synchronize your directories now, and then click Finish.

  8. When directory synchronization is complete, view the additional properties of the user in Windows Azure AD, and verify that the change you made to the additional properties of the specific user account in your local Active Directory have been synchronized to Windows Azure AD.

  1. Sign in to the cloud service with service administrator credentials.

  2. When directory synchronization is complete, verify that the changes you made in your local Active Directory now appear in the cloud.

See Also

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.