Azure Active Directory Connect Health Can Now Fix Sync Errors

Microsoft last week announced a new Azure Active Directory Connect Health feature for IT pros that resolves duplicate attribute sync errors with an organization's local Active Directory.

The trouble can happen when different end user identities in AD share the same proxy address, which won't sit well when synced up with Azure AD. These accounts will get flagged in the Azure AD Connect Health dashboard. Microsoft has now added a way to resolve these attribute syncing errors between an organization's local AD and Azure AD. The portal does so by noting the conflicting proxy addresses, which get quarantined. IT pros then answer some questions about the duplicated attributes to produce a resolution in PowerShell form. The Azure AD Connect Health portal will create the PowerShell script to resolve the conflicts based on the answers.

The new attribute sync error feature in Azure AD Connect Health has already been successfully tested at the preview stage, according to Microsoft's announcement.

"During the public preview of this feature, hundreds of customers tried it out and many of them cleaned ALL their duplicate attribute sync errors in a just a couple of hours," the announcement claimed.

The new tool can only be used by IT pros having a Global Admin or Contributor role. The PowerShell script generated by this feature will perform a soft delete of the AD account that has a conflicting attribute, but a hard delete will be required to make the fix work, according to Microsoft's documentation.

Azure AD Connect Health is a dashboard within the Azure AD Admin Portal that was launched about three years ago. The dashboard is only available to Azure AD Premium subscribers, with details described at this page. The description includes an oblique footnote about the need to license the dashboard's various "monitoring agents."

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Office 365 Attack Simulator Now Supports Attachments

    The Attack Simulator in Office 365 tool has been updated and now has the ability to include message attachments in targeted campaigns, according to a Friday Microsoft announcement.

  • How To Disable Touch Input in Windows 10

    When the touchscreen on your Windows 10 laptop goes bad, there's no reason to throw that baby out with the bath water.

  • Microsoft Previews Windows VM Authentications via Azure Active Directory

    Microsoft on Thursday announced a preview of remote authentications into Windows-based Azure virtual machines (VMs) using Azure AD credentials.

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.