Migrate AAD Connect - Office 365 /Azure AD

This plan takes you through creating a new server, deploying Azure AD Connect on it, and migrating from an old version or an old AAD Connect server.


PART 1
CREATE THE SERVER


1.
2. Go to portal.azure.com
3. Go to Virtual Machines
4. Click the + button and select Windows Server

5. Select "Windows Server 2016 Datacenter"
6. Select Create
7. Type the name of the VM: "NEWAD"
8. "
9. Select the VM disk type and set it to HDD
10. Type the admin username.
11. Type a randomly generated 26-character password
13. Confirm the subscription is "customer - Service Subscription"
14. For the Resource Group, select an existing resource group
15. For the location, choose "Australia Southeast"
16. For "Already have a Windows License", select YES and check the box.
17. Choose VM size "A1 Standard"
18. Choose DC-AS for the availability set.
19. Choose a storage account for the diagnostics storage account.
20. Enable Backup and select the default backup policy.
21. Create.
22. Log on to the new server and add it to the domain.
24. Add the server to the domain yourdomain.com.au.
25. Confirm the server has been added and reboot.
26. Confirm the server is patched up to date.
27. Reboot the server.
28. Start a backup of the server and confirm it succeeds

28. Download Microsoft Azure Active Directory Connect from:
https://www.microsoft.com/en-us/download/details.aspx?id=47594

Save the file to C:\TEMP
29. Browse to C:\TEMP and run AzureADConnect.msi
Tick the box to agree to the license terms and privacy notice, then click Continue
At the Express Settings screen choose Customize.
Step through the configuration items and confirm the settings match those of the previous AAD Connect server

30.
At the final page, which says Ready to Configure:
Select the option "Start the synchronization process when configuration completes".
Select the option for staging mode.
Select Install.


PART 2
MIGRATE TO THE NEW SERVER


1)
Log onto OLDAD
Download and run the Azure AD Connect Configuration Documenter to verify the existing Azure AD Connect settings, as described at:
https://github.com/Microsoft/AADConnectConfigDocumenter/wiki

Download the latest Azure AD Connect Sync Configuration Documenter from
https://github.com/Microsoft/AADConnectConfigDocumenter/releases


Open a PowerShell CLI

PowerShell commands:
Import-Module ADSync
Get-ADSyncServerConfiguration -Path "c:\temp\AADConnectConfigDocumenter\Data\Customer\OLDAD"

Copy the files to the new server: \\NEWAD\c$\temp\AADConnectConfigDocumenter\Data\Customer\OLDAD

2)
Log onto the new server NEWAD

Open a PowerShell CLI

PowerShell commands:
Import-Module ADSync
Get-ADSyncServerConfiguration -Path "c:\temp\AADConnectConfigDocumenter\Data\Customer\NEWAD"

When looking in the c:\temp\AADConnectConfigDocumenter\Data\Customer folder you should see 2 folders, OLDAD and NEWAD


3)
Edit the AADConnectConfigDocumenter.cmd file with the following

********************************************
AzureADConnectSyncDocumenterCmd.exe "customer\OLDAD" "customer\NEWAD"
ECHO OFF
ECHO ****************************************************************************************************
ECHO Execution complete. Please check any errors or warnings in the AADConnectSyncDocumenter-Error.log...
@pause
********************************************
Save the file.

4) Run the file AADConnectConfigDocumenter.cmd
After it completes you will see a report in the c:\temp\AADConnectConfigDocumenter\report folder

View the global settings and confirm any configuration differences. Correct any differences and run the report again until the configuration on the staging NEWAD server is correct.

5)
Currently you will have staging mode configured this way.
We have the following servers configured for ADSync:
OLDAD - Sync enabled, staging mode disabled.
NEWAD - Sync enabled, staging mode enabled.

The new server NEWAD will stay up to date with AD and the latest changes, but in staging mode it will not export anything to Azure.

6)
Turn on staging mode on OLDAD (this stops the sync to O365)
Log into OLDAD
Open Azure AD Connect and click Configure.
From the task list select Configure Staging Mode, click Next, confirm authentication and set staging mode to enabled. (Choose to keep synchronisation enabled for now.)

7)
Turn off staging mode on NEWAD (this starts the sync to O365)

Log into NEWAD

Open Azure AD Connect and click Configure.
From the task list select Configure Staging Mode, click Next, confirm authentication and set staging mode to disabled.
Make sure to tick "Start the synchronization process when configuration completes".
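After the swap in steps 6 and 7, only one server must be exporting to Azure AD: two active exporters would both write to the tenant, and none means AD changes stop flowing. The check below is an added example, not part of the original plan; it uses the server names from the plan and assumes WinRM is enabled on both and that the account running it is a local admin (ADSyncAdmins member) on each.

```powershell
# Added example (not from the original plan): confirm exactly one AAD Connect
# server is exporting after the staging-mode swap in steps 6 and 7.
$servers = 'OLDAD', 'NEWAD'

$state = foreach ($server in $servers) {
    Invoke-Command -ComputerName $server -ScriptBlock {
        Import-Module ADSync
        $sched = Get-ADSyncScheduler
        [pscustomobject]@{
            Server             = $env:COMPUTERNAME
            SyncCycleEnabled   = $sched.SyncCycleEnabled
            StagingModeEnabled = $sched.StagingModeEnabled
            NextCycleUtc       = $sched.NextSyncCycleStartTimeInUTC
        }
    }
}

$state | Format-Table Server, SyncCycleEnabled, StagingModeEnabled, NextCycleUtc -AutoSize

# A server exports only when its sync cycle is on AND staging mode is off.
$exporters = @($state | Where-Object { $_.SyncCycleEnabled -and -not $_.StagingModeEnabled })

switch ($exporters.Count) {
    1 { Write-Host "OK: $($exporters[0].Server) is the only active exporter." }
    0 { Write-Warning 'No server is exporting: changes in AD will not reach Azure AD.' }
    default {
        # Both servers active: each would export its own view of the objects.
        Write-Warning ('More than one active exporter ({0}); put one back in staging mode.' -f `
            ($exporters.Server -join ', '))
    }
}
```

The expected result at this point of the plan is NEWAD listed as the only active exporter and OLDAD with staging mode enabled.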


8)
Log into portal.azure.com
Go to Azure Active Directory Connect Health.
Confirm the synchronization object is healthy for NEWAD

9)
Log onto NEWAD

Click on Start > All Programs > Azure AD Connect > Synchronization Service.
Select Tools > Connectors


Select yourdomain.com.au in the Connectors pane, then Properties
Select Configure Directory Partitions in the left-hand pane, then click Configure on the right
Select each DC listed and click Remove
In the field at the bottom, enter "YOUR DC FQDN" and click Add
In the field at the bottom, enter "YOUR DC2 FQDN" and click Add, then OK
Select Actions > Run...
Select Full Synchronization, then select the Operations tab
Confirm Full Synchronization has completed successfully
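The full synchronization and its verification from step 9 can also be driven from PowerShell rather than the Synchronization Service GUI. This is an added example, not part of the original plan; run it locally on NEWAD as an ADSyncAdmins member, and note that the output property names used for Get-ADSyncRunProfileResult (ConnectorName, RunProfileName, Result, StartDate, EndDate) are assumed from the ADSync module in the 1.1 line.

```powershell
# Added example (not from the original plan): run the step 9 full sync on
# NEWAD from PowerShell and flag any connector run that did not succeed.
Import-Module ADSync

$sched = Get-ADSyncScheduler
if ($sched.StagingModeEnabled) {
    throw 'NEWAD is still in staging mode; a full sync here would export nothing (see step 7).'
}
if ($sched.SyncCycleInProgress) {
    throw 'A sync cycle is already running; wait for it to finish before starting a full one.'
}

# PolicyType Initial = full import, full synchronization and export on every connector.
Start-ADSyncSyncCycle -PolicyType Initial | Out-Null

# Get-ADSyncConnectorRunStatus returns only connectors currently running;
# an empty result means the engine is idle.
do {
    Start-Sleep -Seconds 30
    $running = @(Get-ADSyncConnectorRunStatus)
} while ($running.Count -gt 0)

# Review the most recent run profile results (equivalent to the Operations tab).
$results = Get-ADSyncRunProfileResult -NumberRequested 20 |
    Select-Object ConnectorName, RunProfileName, Result, StartDate, EndDate

$results | Format-Table -AutoSize

# Anything other than 'success' (e.g. completed-export-errors) needs a look
# before declaring the migration done.
$failed = @($results | Where-Object { $_.Result -ne 'success' })
if ($failed.Count -gt 0) {
    Write-Warning ('{0} run(s) did not finish cleanly; open them in Synchronization Service > Operations.' -f $failed.Count)
} else {
    Write-Host 'Full synchronization completed successfully on all connectors.'
}
```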

10) Run through Test Plan again and confirm all is working correctly.
