It’s literally been a year since I’ve updated it–mainly because we haven’t made any significant endpoint changes.
I did detect some CRL endpoint updates and a few other odds and ends for Worldwide Commercial and GCC Moderate, so I’ve updated the AAD Network Communications Test tool accordingly.… [ Continue reading ]
This week, while helping a customer onboard to Azure AD Connect, we ran into an interesting error:
Azure Service Connectivity Failed, Unable to proceed
The on-premises synchronization service is not able to connect to Azure Active Directory.… [ Continue reading ]
Yesterday, a peer brought an interesting problem to me:
His customer had been storing data in the on-premises msExchExtensionCustomAttribute properties for users and wanted to be able to use that data in Exchange Online for filtering and dynamic group membership.… [ Continue reading ]
This week, I’ve got a few updates for the AAD Network Communications Test!
- I’ve moved it to the PowerShell Gallery. You can now install it with PowerShellGet by using the command:
Install-Script -Name AADConnect-CommunicationsTest
- I’ve updated the GCC High and DOD endpoints to the best of my ability (I’m always looking for feedback on this, so if you have new endpoints, be sure to connect with me!)
… [ Continue reading ]
Last week, I began working with a customer that was experiencing what appeared to be a significant amount of updates to a certain group of objects in the local Active Directory. These objects were being imported from another forest as contacts, yet found themselves being updated very frequently by the local AAD Connect instance.… [ Continue reading ]
A few weeks ago, I ran into an issue with a customer. Scenario:
- Customer had configured alternate-id sign in with AAD Connect (the gist is that it flows on-premises mail to cloud UPN)
- Synced identity to tenant
- Tenant did not have any verified domains
As expected, without a matching verified domain in the tenant, UPN suffixes in the tenant were actually set as @tenant.onmicrosoft.com. … [ Continue reading ]
Right before sending a customer the link for the tool, I decided to test it and noticed that I encountered an unexpected credential prompt. I updated the parameter name, and then added a new feature as well–a test to see if your tenant has the correct licensing to enable Password writeback. … [ Continue reading ]
Hey, all! One AAD tool update deserves another!
Every so often, I check in to make sure I’m keeping the AAD Connect Network Test Tool as fresh as I can. I’ve made a few changes to the way it works (hopefully which you all think is for the better). … [ Continue reading ]
Hi! It’s a day ending in “y,” which means it’s a good day to update a script!
Today, while on-site with a customer and running my AAD Connect Permissions script, I noticed that the logging output wasn’t as helpful as I wanted it to be.… [ Continue reading ]
It’s that time of the year again! I’ve expanded upon an existing feature in the AAD Network Test Tool.
One of the prerequisites listed on the AAD Connect support page is to ensure the Turn on PowerShell Transcription GPO is set to Not Configured. … [ Continue reading ]
This feature is an “oldie but goodie” that my customers are starting to ask questions about as they start looking into ways to automate their Office 365 deployments.
Can I sync additional attributes to Office 365, and can I use them for Group-Based Licensing?… [ Continue reading ]
It’s Two-fer Friday. I don’t know if it was a thing, but it is now.
Based on received feedback, I have updated the AAD Connect Advanced Permissions tool to check for the Active Directory schema version in addition to the Exchange schema. … [ Continue reading ]
Just a quick note: I’ve updated the AAD Connect Network Test Tool to now query Windows Product Edition data to provide a little more system configuration prerequisite testing information, based on the OperatingSystemSKU data listed at https://docs.microsoft.com/en-us/windows/desktop/CIMWin32Prov/win32-operatingsystem… [ Continue reading ]
Yes, Hell has frozen over. The cows have come home. The lady of size has sung.
I have come up with a “best case” solution for the Office 365 hybrid group write-back problem.
For the long(er) background, you’ll probably want to go see this post.… [ Continue reading ]
Woo! A day of updates! I’ve made a few updates to this tool, so hopefully you’ll find them useful:
2018-08-12: A reader noticed that the UpdateAdminSDHolder switch didn’t work ask expected when specifying the ExchangeHybridWriteBack OU without the ExchangeHybridWriteBackOUs parameter. … [ Continue reading ]