The Microsoft Directory Synchronization has been available in a variety of versions and names:
- DirSync (the original).
- Azure Active Directory Sync (AADSync).
- Azure Active Directory Connect (AADConnect).
Each version of the tool had a number of releases, for the original DirSync for example there were 14 different releases as can be seen here. Similar information for AADSync (5 releases) can be found here, and for AADConnect (12 releases) you can find it here.
In my test environment (Exchange hybrid) I’m currently running AADSync 1.0.491.413. Since the current (as of March 2016) version is AADConnect 22.214.171.124 it’s time to upgrade J
When upgrading from a previous version there are two options:
- In-place upgrade – this is the recommended way if the upgrade time takes less than three hours.
- Parallel upgrade – This is the recommended way if the upgrade time takes more than three hours.
Why three hours? The Directory Synchronization runs every three hours. It is also estimated that if you have more than 50,000 objects to synchronize, the upgrade will take more than 3 hours.
Important to note is that you do not have to uninstall the old version before starting the upgrade. The upgrade will read the existing configuration and configure AADConnect accordingly.
It happened to me once where a customer uninstalled DirSync the evening before I was planned to do the upgrade. Luckily the environment was pretty straightforward…
Unsupported DirSync changes like removed attributes or using a custom extension DLL are not migrated, but other than that the regular changes like OU filtering, Password sync or Exchange hybrid are migrated to AADConnect.
After downloading AADConnect, you can the setup application. It’s basically a wizard where you have to accept the license agreement, it then will read the existing configuration and upgrade the necessary components.
After you’ve accepted the license agreement click Upgrade to start the actual upgrade process. You can easily follow the progress:
Enter the credentials of the synchronization service account in Office 365:
Once sufficient information is gathered the actual upgrade can be started. Personally I do NOT CHECK the Start the synchronization process as soon as the configuration completes option. This way there’s the option to check the configuration before the synchronization is started.
When the upgrade is complete click the Exit button.
You can open the Synchronization Service Manager to check the synchronization configuration. In my lab environment the configuration was exactly the same as before the upgrade
In Azure Active Directory Connect (AADConnect) the synchronization engine was just an application that was using Scheduled Tasks to run every three hours. With AADSync it is running as a service again, and there are PowerShell cmdlets available to configure the service. When you use the Get-ADSyncScheduler command you can check the configuration.
As you can see synchronization is still disabled (SyncCycleEnabled equals False), you can enable it using the Set-ADSyncScheduler -SyncCycleEnabled:$TRUE command as shown in the following figure:
To start the initial sync, use the Start-ADSyncSyncCycle -PolicyType Initial command. After some time you’ll see in the Microsoft Online Portal that synchronization occurs again.
If you made some changes and want to force a synchronization cycle, you can use the Start-ADSyncSyncCycle -PolicyType Delta command. This will only replicate recent changes.