Export (0) Print
Expand All
8 out of 21 rated this helpful - Rate this topic

Install or upgrade the Directory Sync tool

Published: June 8, 2012

Updated: February 8, 2014

Applies To: Office 365, Windows Azure, Windows Intune

noteNote
This topic might not be completely applicable to users of Windows Azure in China. For more information about Windows Azure service in China, see windowsazure.cn.

The Windows Azure Active Directory Sync tool is an application that provides one-way synchronization from an organization’s on-premises Active Directory to Windows Azure Active Directory (Windows Azure AD).
An administrator should install this tool and run it on only one computer in your organization’s local network.

Before you install the Directory Sync tool, you must familiarize yourself with the computer requirements and prerequisites described in Prepare for directory synchronization.

noteNote
  • You should restrict access to the computer that is running the Directory Sync tool as tightly as you restrict access to your Active Directory domain controllers and other sensitive network components.
    Only people with global administrator permissions in your on-premises Active Directory should be able to access this computer.

  • Before synchronization can begin, you must complete the Windows Azure Active Directory Sync tool Configuration Wizard as described in Synchronize your directories.

  • The Windows Azure Active Directory Sync tool was previously known as the Microsoft Online Services Directory Synchronization tool.

Before you install the Directory Sync tool, you must activate directory synchronization.

  1. On the computer where you want to install directory sync, use the following link to download the tool:
    Windows Azure Active Directory Sync tool – 64 bit

  2. Follow the instructions in the Setup wizard.

  3. On the last page of the wizard, select Start Configuration Wizard now, and then click Finish to start the Windows Azure Active Directory Sync tool configuration wizard.

  4. Provide the Enterprise Administrator and Windows Azure Active Directory credentials as prompted.

  5. Enable the optional features that are required.

  6. When prompted, check Synchronize your directories now to start synchronization.

You can also install the Directory Sync tool using a standalone SQL Server.
Refer to this article for details on this advanced deployment option

CautionCaution
Installing the Directory Sync tool creates the AAD_xxxxxxxxxxxx account in the standard Users organizational unit of the local Active Directory directory service. This account is used by the Directory Sync tool to read the local Active Directory information. Do not move or remove this account. Moving or removing this account will cause synchronization failures.

You can now directly upgrade your Directory Sync tool beginning with version 6385.0012 (released earlier in 2013) without needing to first uninstall your current version.
If you have a build of the Directory Sync tool that is older than this version, you will need to uninstall the old version, and download and install a newer version.
You will then be able to directly upgrade that new installation in the future.

You can download the latest Directory Sync tool from your admin portal using the following link: Windows Azure Active Directory Sync tool – 64 bit.

The Directory Sync tool upgrade process requires that you upgrade the Directory Sync tool and re-run the configuration wizard.
You must complete both steps before the new version of the Directory Sync tool will function correctly.

noteNote
Directory sync tool versions earlier than 6385.0012 cannot be upgraded.
If you have a version of the Directory sync tool older than 6385.0012, please uninstall the current installation, and then install the latest version of Directory Sync tool.

  1. Navigate to the folder containing the executable you have downloaded from the admin portal.

  2. Run the executable you have downloaded from the admin portal. It will detect the existing installation and walk you through the upgrade process.

  1. Navigate to the folder containing the executable you have downloaded from the admin portal.

  2. Run the executable with the command DirSync.exe /fullSql.

  3. Load the DirSync Install shell located at C:\Program Files\Windows Azure Active Directory Sync\DirSyncInstallShell.psc1.

  4. Run the Install-OnlineCoexistenceTool commandlet to perform the upgrade.

    ImportantImportant
    When running the cmdlet, you need to specify:

    • The same SQL Server and Instance name as before.

    • The –Upgrade switch to indicate you wish to upgrade the existing installation.

  5. Once the application Upgrade is complete, load the configuration shell located at C:\Program Files\Windows Azure Active Directory Sync\DirSyncConfigShell.psc1

  6. Run the Set-CoexistenceConfiguration cmdlet to re-configure the Directory Sync tool with the appropriate credentials to use.

After you have installed the Directory Sync tool on the correct computer, you are ready to Synchronize your directories.
You can run the Configuration Wizard immediately after installing the tool by selecting Start Configuration Wizard now on the Finished page of the installation wizard.

See Also

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.