Home > Azure, MS: AD, Group Policies, PKI > Azure: Choosing a sourceAnchor for Multi-Forest Sync with AAD Connect

Azure: Choosing a sourceAnchor for Multi-Forest Sync with AAD Connect


Part 1, Introduction

Part 2, Lab Setup

Part 3, An Aside on EmployeeID

Part 4, Using msDS-SourceAnchor

Part 5, Using mS-DS-ConsistencyGuid

Part 6, Moving off objectGuid

Part 7, Migrating Users

https://blogs.technet.microsoft.com/markrenoden/2017/02/24/choosing-a-sourceanchor-for-multi-forest-sync-with-aad-connect-part-7-migrating-users/

If your Azure Active Directory tenant is federated with an on-premises federation service (AD FS for example), you’ll need to make one last configuration change before you migrate users. This final step is to ensure your O365 Relying Party Trust Issuance Transform Rule for ImmutableID uses the attribute you’ve chosen (msDS-SourceAnchor or mS-DS-ConsistencyGuid) instead of objectGuid.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: