Windows Azure Active Directory Sync (DirSync) has gone through many iterations just in the last few years but the good news is it is getting easier to install and use. It used to be quite pain to reinstall or migrate. DirSync is the easiest way to sync your AD organization to Microsoft’s cloud including Azure, Office 365 and Exchange Online.
The current version can be downloaded here:
If you have an older version of DirSync and want to move to the latest version I highly recommend it because the newer one is easier to use. To force sync on the older versions you click a lot in miisclient.exe in a very specific sequence or run PowerShell commands. The last iteration even included a script that had to be launched from PowerShell itself. It was not optimal for daily management.
If you are starting with a fresh install skip to the How to below. As you can only sync from one server at a time, there are only two possible scenarios if you had an older version installed already:
- Install on the same server – because the architectures are a bit different you can simply remove the old version of DirSync using Programs and Features and install the new version.
- Install on a different server – disable the service Azure Active Directory Sync on the old server or completely uninstall it and use the instructions below to install on the new server.
How to Install Windows Azure Active Directory Sync
Because the architectures are a bit different you can simply remove the old version of DirSync using Programs and Features and install the new version. Use the download link above to download the lastest version and open the exe file.
After you agree to the terms and select install it will run for a bit and disappear. Look on your desktop for this icon and open it.
You are now in the configuration window, enter your cloud credentials
Enter your on-prem credentials and select add forest and next
Configure any user matching parameters required, but the default is usually fine
Do not select any of these options at this time so you can setup and test the connection
Keep the Synchronize now box unchecked and select Finish
This is a good time for a restart to ensure you have been added to the appropriate security group and just to clear out any potential issues before you test the connection and finalize the configuration.
Once you restart, open the Synchronization Service, there should be a new icon on your desktop. This app is the replacement for miisclient.exe.
You can observe what is being synced here and also check for errors with this app
Now we need to test if the configuration worked before we set the configuration to automatically sync. The easy way is to force synchronization with a shortcut.
How to Force DirSync Synchronization with a Shortcut
Right click anywhere on your desktop and select New > Shortcut
Paste this target box and select next
“C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe”
Choose a name, Finish
Once saved, select the new shortcut to test
You should see the synchronization steps listed in the Sync Manager, any errors will show up in the lower right box
Sync successful! open up the Directory Synchronization tool again from the icon on your desktop and configure it for auto sync. Check the boxes for password synchronization and enable Synchronization on the last page.
If you ever need to remove DirSync from the server, go to Programs and Features and uninstall Windows Azure AD Sync and it will uninstall all other parts automatically.
Read this article to learn how to increase the synchronization frequency of DirSync.
Hope this helps!