.png)
Install or upgrade the Directory Sync tool
Published: June 8, 2012
Updated: February 28, 2013
Applies To: Office 365, Windows Intune
 Note |
|---|
| This topic provides online help content that is applicable to multiple Microsoft cloud services, including Windows Intune and Office 365. |
The Windows Azure Active Directory Sync tool is an application that provides one-way synchronization from an organization’s on-premises Active Directory to Windows Azure Active Directory. An administrator should install this tool and run it on only one computer in your organization’s local network.
Before you install the Directory Sync tool, you must familiarize yourself with the computer requirements and prerequisites in Prepare for directory synchronization.
|
Note |
|---|
|
What do you want to do?
Install the Directory Sync tool
Before you install the Directory Sync tool, you must activate directory synchronization, and then run the Microsoft Deployment Readiness Tool.
 Caution |
|---|
| Do not install the Directory Sync tool on the same computer that has Active Directory Federation Services (AD FS) 2.0 installed on it. |
To install the Directory Sync tool, follow the steps below.
-
On the computer where you want to install directory sync, click the link below to download the tool:
Windows Azure Active Directory Sync tool – 64 bit -
Follow the instructions in the Setup wizard.
-
On the last page of the wizard, select Start Configuration Wizard now, and then click Finish.
The Windows Azure Active Directory Sync tool Configuration Wizard starts.
Upgrade the Directory Sync tool
You may need to upgrade the Directory Sync tool if the computer running the tool enters an unrecoverable state, or if you are running the 32-bit version of the Directory Sync tool and you now want to run the 64-bit version.
|
Note |
|---|
| The functionality of the 64-bit version of the Directory Sync tool is identical to the 32-bit version. But the underlying SQL database schema is different. As a result, a standard upgrade cannot be done. To upgrade your 32-bit installation of the Directory Sync tool, you must first uninstall it, and then install the 64-bit version of it on a new computer by using the following the procedure. |
When you install a new instance of the tool, it finds and matches objects in the cloud with on-premises objects. The new instance of the tool, however, won’t find and match objects in the cloud if on-premises object deletions occurred when the original instance of the Directory Sync tool was not functioning.
If you aren’t upgrading to 64-bit and if you believe that you deleted on-premises objects while the Directory Sync tool wasn’t working, you should instead Update the Directory Sync tool using a different computer.
-
On the computer that the Directory Sync tool is installed on, open the Control Panel, select Add and Remove Programs, and then uninstall the Directory Sync tool.Note
If a synchronization session is in progress, a warning message appears when you try to remove the Directory Sync tool. If you receive this warning, wait until synchronization is complete, and then repeat this step. -
Install the latest version of the Directory Sync tool installation file by following the steps provided in Install the Directory Sync tool.
If you uninstall and then reinstall the Directory Sync tool on your local computer (or move the tool from one computer to another), items deleted on your computer during the time that the Directory Sync tool is uninstalled will not be deleted from Windows Azure AD.
Update the Directory Sync tool using a different computer
In some instances, such as when there are a large number of objects, you may want to install the latest version of the Directory Sync tool on a second computer to help ensure that there are no breaks in synchronization and that no updates are lost.
To update the Directory Sync tool using a different computer, follow these steps.
-
Log on to the current directory synchronization computer, click Start, click Control Panel, open Administrative Tools, and then, in Services, stop the Directory Synchronization Service.
-
On a different computer, download and run the Directory Sync tool installation file as usual, and then run the Configuration Wizard.
-
On the last page of the Configuration Wizard, select Synchronize directories now, and then click Finish. This resets the synchronization service password, breaks the synchronization relationship with the old computer, and establishes a synchronization relationship with the new computer.
-
When the Event Viewer on the new directory synchronization computer shows that synchronization is complete, log on to the old directory synchronization computer, run the Configuration Wizard, and force synchronization. This identifies and synchronizes any objects that were deleted while directory synchronization was stopped.
-
On the new directory synchronization computer, run the Configuration Wizard again, and force another synchronization. This resets the synchronization service password and reestablishes the synchronization relationship.
-
Uninstall the Directory Sync tool from the old directory synchronization computer.
|
Caution |
|---|
| Installing the Directory Sync tool creates the MSOL_AD_SYNC account in the standard Users organizational unit of the local Active Directory directory service. This account is used by the Directory Sync tool to read the local Active Directory information. Do not move or remove this account. Moving or removing this account will cause synchronization failures. |
Next step: Synchronize your directories
After you have installed the Directory Sync tool on the correct computer, you are ready to Synchronize your directories. You can run the Configuration Wizard immediately after installing the tool by selecting Start Configuration Wizard now on the Finished page of the installation wizard.
See Also
