Duplicate objects in AD and ADC (hybrid environment)

Anonymous
2020-08-04T09:31:35.547+00:00

Hi,

We are managing a migration to Office 365.
I have therefore configured a server with a DC role and one with the Azure AD Connect component.

Some users had already been enrolled in Azure AD to take advantage of Office 365 licenses, while the others I had previously added locally in the DC.
After the last synchronization, I find duplicates in Azure and I don't know how to manage them.

For Example:
On DC - User: Paolino Paperino, account:Paolino.paperino@Company portal .com, mail: Paolino.paperino@Company portal .com
ON Azure - User: Paolino Paperino, account: paolino.paperino@Company portal .com, mail: -
ON Azure ( duplicate ? ) - User: Paolino Paperino, account: paolino.paperino@Company portal .onmicrosoft.com, mail: paolino.paperino@Company portal .onmicrosoft.com

How could I solve this problem to combine the two users? Should I delete the user in Azure and create an alias in the one synchronized by AD?

In addition, I am notified of the "warning" that for some users the proxyAddresses field is empty. Can I directly enter the smtp alias fields in AD?

Thank you all.
Alf

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,149 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,351 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andy David - MVP 144.2K Reputation points MVP
    2020-08-04T11:39:54.85+00:00

    ON Azure ( duplicate ? ) - User: Paolino Paperino, account: paolino.paperino@Company portal .onmicrosoft.com, mail: paolino.paperino@Company portal .onmicrosoft.com
    that last one is not necessarily a duplicate. Did someone create that account? Is it licensed with a mailbox? Sounds like it.
    Only you can know that, but if its not necessary, then remove the license and delete it. You have 30 days to recover it if it turns out to be a mistake. If its mastered in Azure, you can delete it there.

    Here is the logic for how email addresses are constructed in Azure. No need to try to "combine" those two accounts or create an alias. Azure will take care of that.
    https://video2.skills-academy.com/en-us/troubleshoot/azure/active-directory/proxyaddresses-attribute-populate

    For the last question, yes, enter the proxy addresses on-prem and they will sync to Azure as long as they do not already exist. You can use the Exchange mgmt tools to add those or in AD. I prefer the Exchange tools ( EAC, Exchange Powershell)

    0 comments