March 15

Create a Solution to Synchronize Account Expiry : Step 5 – Add new run profile

As next 4 run profiles need to be created:

  • Full Import
  • Full Synchronization
  • Delta Import
  • Delta Synchronization

The run profiles need to be created with exactly these run profile names, that the AAD Connect scheduler can pick up these run profiles.

Here are the steps how to create a new run profile:

  1. click on the connectors tab in the synchronization service manager, select our new connector AddRunProfile
  2. click on configure run profile CreateNewProfile
  3. This will open a new window where the list of the run profiles is empty, so click on “New Profile…” to add new run profileAddRunProfileNewProfile
  4. Where you need to add a display name for the new run profile. The name of the run profile should be capitalized and written as aboveAddNewRunProfile_ProfileName
  5. click on next, and select the type Full Import (Stage Only) AddNewRunProfile_ProfileType
  6. click on next, and you do not need to change anything in the following window AddNewRunProfile_ConnectorConfig
  7. click on finish
  8. Repeat this step for other run profiles as well.

 

 

And that’s it. All expired accounts will be disabled as wished. And this process works in delta mode.

Category: AAD Connect, AccountExpires | Comments Off on Create a Solution to Synchronize Account Expiry : Step 5 – Add new run profile
March 11

Create a Solution to Synchronize Account Expiry : Step 4 – Add Synchronization Rule for the new connector

After the new connector is created the next step is to create synchronization rules. Open the AAD Connect Synch Rules Editor and ensure that the inbound flow direction is selected. Click on new to create a new synchronization rule:

Add a name for example: Disabled expired accounts select the name of the created connector at connected system. The object type should be person for connected system object type and for metaverse object type as well. The rule type should be join and I’d suggest a precedence lower than 100. See you here:

 

AADC_CreateNewSynchRule_Description

 

 

The scoping filter can be empty, but we need to set up a join rule. We need here to select sourceAnchor to sourceAnchor. I do not recommend to use anything else.

 

AADC_CreateNewSynchRule_JoinRule

 

 

And now the highlight, the transformation. This should be a constant flow to accountEnabled with the constant value of FALSE.

 

AADC_CreateNewSynchRule_AddTransformation

 

 

Next: https://happyts.tech/create-a-solution-to-synchronize-account-expiry-step-5-add-new-run-profile/

Prev: https://happyts.tech/create-a-solution-to-synchronize-account-expiry-step-3-add-the-new-connector-to-aad-connect/

 

Category: AAD Connect, AccountExpires, ADSync | Comments Off on Create a Solution to Synchronize Account Expiry : Step 4 – Add Synchronization Rule for the new connector
March 7

Create a Solution to Synchronize Account Expiry : Step 3 – Add the new connector to AAD Connect

the next step is really exciting: add our new connector to AAD Connect:

  1. at first you need to copy the complied dll and pdb file in to the folder: C:\Program Files\Microsoft Azure AD Sync\Extensions AADC_AddFilesToExtensionsFolder
  2. As next Open the AAD Connect Synchronization Service Console
  3. Click on Connectors
  4. Click on Create AADC_CreateNewConnector
  5. Select the Connector Type: Extensible Connectivity 2.0 and Enter a Name for the connect e.g. 9th_AADC_CreateNewConnector_Name
  6. Click on Browse and select the Dll,: ExpiredAccountsConnector.dll and click  ok10th_AADC_CreateNewConnector_SelectDll
  7. On the page click on refresh interfaces 11th_AADC_CreateNewConnector_RefreshInterface
  8. Click on Next
  9. The next windows shows the partition, here just click on next, do not need to change anything  13th_AADC_CreateNewConnector_Partition
  10. Select the object:Person    14th_AADC_CreateNewConnector_ObjectType
  11. Select the Attributes (I’d recommend to select them all) 15th_AADC_CreateNewConnector_Attributes
  12. Click Next
  13. On the next page you will see the configuration of the anchor, you do not need to change this 16th_AADC_CreateNewConnector_Anchor
  14. Click Finish

 

Next: https://happyts.tech/create-a-solution-to-synchronize-account-expiry-step-4-add-synchronization-rule-for-the-new-connector/

Category: AAD Connect, AccountExpires, ADSync | Comments Off on Create a Solution to Synchronize Account Expiry : Step 3 – Add the new connector to AAD Connect