I was at client site configuring Azure AD Connect sync to Office 365 and noticed a few user not synced. I’ve checked the filtering options like OU filtering, object filtering, security permissions etc and they all seems fine. There are no duplicate UPN or proxyaddress attribute and idfix tool doesn’t reveal anything major. From the Azure AD Connect, https://azure.microsoft.com/en-gb/documentation/articles/active-directory-aadconnectsync-understanding-users-and-contacts/
“
An account with a linked mailbox will never be used for userPrincipalName and sourceAnchor. It is assumed that an active account will be found later.
“
Looking at the Synchornization Service Manager, ("C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe"). Go to metaverse search, find the user and double click, under the “connector tab”, you’ll see there is only 1 connectors. Compare with another user, they are 2 connectors.
Issue:
An account with a linked mailbox will never be used for userPrincipalName and sourceAnchor. It is assumed that an active account will be found later.
Workaround:
It is normally safe to convert a linked mailbox to user mailbox. You must do it from Exchange management shell.
To see the LinkedMasterAccount run this command
Get-User -Identity “user” | FL LinkedMasterAccount
To convert to user mailbox, run the following command
Set-User -Identity “user” -LinkedMasterAccount $null”
Once converted to user mailbox, you can either wait for the next sync or force run a sync from Synchornization Service Manager by following this link, https://blogs.technet.microsoft.com/rmilne/2014/10/01/how-to-run-manual-dirsync-azure-active-directory-sync-updates/
