Latest posts by Dan Patrascu-Baba (see all)
- ADFS in multi forest environments - 20/10/2017
- #Build 2017 – some exciting things - 10/05/2017
- Testing Azure AD per app MFA and conditional access based on network location - 29/07/2016
In older version of directory synchronization tools we normally used the miisclient.exe to perform different complex tasks, like configuring an alternate login ID or implementing attribute based filtering. With Azure AD Connect this has changed and all associated and deprecated features of older tools have been removed from the UI of miisclient.exe. In order to accomplish these tasks in Azure AD Connect, we now use synchronization rules via the Synchronization Rules Editor.
But first of all, what are synchronization rules? Azure AD Connect synchronization rules are a modular definition of logic and are used to define almost everything, including precedence, object deletion, and other rules that were previously disjointed. A synchronization rule in Azure AD Connect is bound to a single connector, either to the AD connector or to the Azure AD connector, but never to both connectors at the same time. Each rule has a certain precedence and precedence defines the specific order in which rules are applied. For instance, a synchronization rule with precedence 100 will be applied first and one with 101 immediately afterwards. Continue reading