So, another build of Azure AD Connect is released. And this time there is a lot of new features. To mention some:
• Automatic upgrade feature for Express settings customers.
• Support for the global admin using MFA and PIM in the installation wizard.
• Allow changing the user’s sign-in method after initial install.
• Allow Domain and OU filtering in the installation wizard. This also allows connecting to forests where not all domains are available.
• Scheduler is built-in to the sync engine.
This is great. But also some changes on how to work. So the first install I did, I actually did not read the documentation well enough.
As always, I do not do a sync right after installation. I want to check settings before syncing. Even more important in previous build, when filtering on OU had to be done after installation (now we can do it during installation). So when I wanted to sync, I checked Schedule task, no sync task… hmm. Tried to start it manually as I often did before C:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe – This executable was not present.. Hmm..
Well at this point I needed to read the documentation, and the conclusion is off course powershell. The cmdlet Get-ADSyncScheduler list the settings for the scheduler (no more schedule task). This is turned off by default, to turn it on you need to run Set-ADSyncScheduler -SyncCycleEnabled $true .
Then the scheduler will run every 30 minutes. To force manual sync if you have an urgent change which must be synchronized immediately. If you need to manually run a cycle, then from PowerShell run Start-ADSyncSyncCycle -PolicyType Delta
To initiate a full sync cycle, run Start-ADSyncSyncCycle -PolicyType Initial