问题描述
所以这是我要处理的一个复杂问题,所以我来这里寻求帮助.
So this is a complex one for me to handle so I came here asking for help.
我们的公司有一个本地AD,并且已与Azure AD同步,迁移到新办公室,并获得了一个用于管理本地AD的新服务器,同时将服务器从旧版本复制到了新版本,这主要是因为服务器离开了域和新 一个人没有从流程中获取任何数据,而是让我创建一个新的本地域,之后,我确实将Azure AD与我们的本地AD连接,将用户从Azure AD导入到本地服务器中,并且在同步数据之后,现在我为每个用户有两个值 并且都表示为与AD同步".
our company had a local AD and it was synced with Azure AD, moving to new offices and got ourselves a new server to manage the local AD, while replicating the servers from old to new, something went wrong, the main server left the domain and the new one didn't get any data from the process, leaving me to create a new local domain, after that I did connect Azure AD with our local AD, imported users from Azure AD into the local server, and after syncing the data, now I have two values for each user and both stated as "Synced with AD".
帮助?
推荐答案
我假设您有一个用户,比如说[email protected],另一个用户是[email protected].这是由于您使用软匹配将新服务器与azure AD同步了.有两种方法可以解决此问题.这将取决于有多少用户 以及您拥有的许可证.
I am assuming that you have a user lets say [email protected] and another user [email protected]. This was caused because you synced the new server with the azure AD using a soft match. There are two ways to get around this. It will depend on how many users and licenses that you have.
首先,尽管所有用户将在删除所有用户时都将丢失附加的许可证,但很快.许可证仍将保留在您的Azure AD中.用于此的命令是Remove-MsolUsers,而我忘记了该命令的其余部分.您可以尝试以这种方式https://dotnetthoughts.net/bulk-removing-azure-active-directory-users/. 然后将它们同步回Azure,UPN会恢复为正常.请理解,我不想在现场环境中进行测试.我想说CSV将成为您在本期中的朋友.你可以抓住所有 通过CSV向用户授予许可,可为您提供重新启用指南.
First is going to be quick though all the users will loose licenses attached as you remove all users. The licenses will still stay within your Azure AD. The command for this is Remove-MsolUsers and I forget the rest of the command. You can try this way https://dotnetthoughts.net/bulk-removing-azure-active-directory-users/. Then sync them back down to Azure and the UPN's will change back to normal. Please understand that I don't want to test this out within my environment that is live. I would say that CSV's are going to be your friend in this issue. You can grab all the licenses on the users through a CSV giving you a guide to putting them back on.
接下来要做的就是完成一场硬比赛.基于本指南https://www.mspathshala.com/single-post/2016/1/8/StepByStep-guide-to-sync-Active-Directory-With-Office-365.他没有提及此事,但您想打开广告连接 在工作时停止同步.他不是您要删除的用户编号不是您要附加的用户编号.在Set-MsolUser上,这将是您要使用的UPN.您也可以通过以下方式使用CSV进行此操作 上面发布的链接并更改了所有不可变ID.首先,我会在一个用户上进行测试.
The next thing that you can do is completing a hard match. Based off this guide https://www.mspathshala.com/single-post/2016/1/8/StepByStep-guide-to-sync-Active-Directory-With-Office-365. He doesn't mention this but you want to open your AD connect to stop your syncing while you work. He isn't you want to remove the user with the numbers not the one you want to attach it to. On the Set-MsolUser this will be the UPN that you want to use. You could possibly do this with the CSV as well by following the link posted above and changing all the immutableID's. I would test this on one user at first.
希望您的环境不大.
这篇关于用户在Azure AD中发生冲突的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!