Understand how On-Premises Active Directory object get synchronized to Azure AD (Run Profiles Explained)

By | December 23, 2018

We all know Azure AD Connect Syncs your local Active Directory objects to Azure AD and this can be monitored and controlled by Synchronization Service Manager, do we understand how this is happens and role of each run profiles (Delta Import, Delta Synchronization, and Export), It can confuse you by reading the profile names, Just because run profile called “Delta Import”, this doesn’t mean it does import, confusing right? Let’s decode this

Also Read: Force Active Directory Sync through Azure AD Connect to Office 365/Azure with console and Powershell Commands

You have to understand this to troubleshoot an AD object that is not synchronizing to Azure AD, what each run profiles do as part of Synchronization, we have a three-run profiles for each connector, one connector for each Domain (Azure AD also considered as a Domain), lets say you one On-Premises AD which is synchronized to Azure AD then you have 2 connectors and 6 run profiles (3 run profiles for each Domain)

Also Read: Can we Replace on-premise Domain Controller with Cloud-based Active Directory







Run Profiles on Operations:






Also Read: Best practice steps to blocking and archiving users in Azure AD and Exchange hybrid environment (Azure AD Housekeeping)

Now will see what each above Run Profiles will do

Before explaining theRun Profiles, you should know about the Metaverse(MV), what is Metaverse? Metaverse is between On-Premises Active Directory and Azure AD, the data we see on Synchronization Service Manager is called Metaverse

Metaverse read the AD object and keeps the information and write to Azure AD, this is very useful while you are troubleshooting sync issues (trace the object where it struck)

Also Read: Active Directory On-premises User name did not match with their Office365 User name

Delta Import:(Read from AD)

Fabrikamonline.com – Delta Import Run Profile reads the Domain for any recent object changes like add/delete/modify and keep a track of all changes, let’s say one new user has been created

Delta Synchronization: (AD to MV)

Fabrikamonline.com – Delta Synchronization Run Profile update whatever changes been identified on Delta Import Run Profile to Metaverse, after this profile run you can see the new user object on Metaverse search (Synchronization Service Manager)

Also Read: How to Block user access to Azure portal

Export: (MV to Azure AD)

Fabrikamonline.com – AAD Export Run Profile updated/replicated the changes been updated on Metaverse to other Domain, now you can see the new user object on Azure AD

Also Read: Difference between DirSync, Azure AD Sync and Azure AD Connect

You can see the status and sync errors on each Run Profiles which explain the object sync status, will write on troubleshooting methods for Sync issues on my next article, hope this gives an idea about how Synchronization works through AADC (Azure AD Connect)

Other Microsoft Cloud Services and more about Cloud Computing

Leave a Reply

Your email address will not be published. Required fields are marked *