Any suggestions? Export (0) Print
Expand All

Install or upgrade the Directory Sync tool

Published: June 8, 2012

Updated: June 21, 2015

Applies To: Azure, Office 365, Windows Intune

This topic might not be completely applicable to users of Microsoft Azure in China. For more information about Azure service in China, see

The Microsoft Azure Active Directory Sync tool is an application that provides one-way synchronization from an organization’s on-premises Active Directory to Microsoft Azure Active Directory (Microsoft Azure AD).
An administrator should install this tool and run it on only one computer in your organization’s local network.

Before you install the Directory Sync tool, you must familiarize yourself with the computer requirements and prerequisites described in Prepare for directory synchronization.

  • You should restrict access to the computer that is running the Directory Sync tool as tightly as you restrict access to your Active Directory domain controllers and other sensitive network components.
    Only people with global administrator permissions in your on-premises Active Directory should be able to access this computer.

  • Before synchronization can begin, you must complete the Microsoft Azure Active Directory Sync tool Configuration Wizard as described in Synchronize your directories.

  • The Microsoft Azure Active Directory Sync tool was previously known as the Microsoft Online Services Directory Synchronization tool.

Before you install the Directory Sync tool, you must activate directory synchronization.

  1. On the computer where you want to install directory sync, use the following link to download the tool:
    Azure Active Directory Sync tool – 64 bit

  2. Follow the instructions in the Setup wizard.

  3. On the last page of the wizard, select Start Configuration Wizard now, and then click Finish to start the Azure Active Directory Sync tool configuration wizard.

  4. Provide the Enterprise Administrator and Azure Active Directory credentials as prompted.

  5. Enable the optional features that are required.

  6. When prompted, check Synchronize your directories now to start synchronization.

You can also install the Directory Sync tool using a standalone SQL Server.
Refer to this article for details on this advanced deployment option

Installing the Directory Sync tool creates the AAD_xxxxxxxxxxxx account in the standard Users organizational unit of the local Active Directory directory service. This account is used by the Directory Sync tool to read the local Active Directory information. Do not move or remove this account. Moving or removing this account will cause synchronization failures.

You can now directly upgrade your Directory Sync tool beginning with version 6385.0012 (released earlier in 2013) without needing to first uninstall your current version.
If you have a build of the Directory Sync tool that is older than this version, you will need to uninstall the old version, and download and install a newer version.
You will then be able to directly upgrade that new installation in the future.

You can download the latest Directory Sync tool from your admin portal using the following link: Azure Active Directory Sync tool – 64 bit.

The Directory Sync tool upgrade process requires that you upgrade the Directory Sync tool and re-run the configuration wizard.
You must complete both steps before the new version of the Directory Sync tool will function correctly.

Directory sync tool versions earlier than 6385.0012 cannot be upgraded.
If you have a version of the Directory sync tool older than 6385.0012, please uninstall the current installation, and then install the latest version of Directory Sync tool.

  1. Navigate to the folder containing the executable you have downloaded from the admin portal.

  2. Run the executable you have downloaded from the admin portal. It will detect the existing installation and walk you through the upgrade process.

  1. Navigate to the folder containing the executable you have downloaded from the admin portal.

  2. Run the executable with the command DirSync.exe /fullSql.

  3. Open PowerShell, and then type “Import-Module DirSync”.

  4. Run the Install-OnlineCoexistenceTool commandlet to perform the upgrade.

    When running the cmdlet, you need to specify:

    • The same SQL Server and Instance name as before.

    • The –Upgrade switch to indicate you wish to upgrade the existing installation.

  5. Once the application Upgrade is complete, start PowerShell, and then type Import-Module DirSync.

  6. Run the Set-CoexistenceConfiguration cmdlet to re-configure the Directory Sync tool with the appropriate credentials to use.

After you have installed the Directory Sync tool on the correct computer, you are ready to Synchronize your directories.
You can run the Configuration Wizard immediately after installing the tool by selecting Start Configuration Wizard now on the Finished page of the installation wizard.

See Also

© 2016 Microsoft