Hello all,
I've already asked this question on Office 365 Community Forum http://community.office365.com/en-us/f/613/t/267826.aspx, and as I understand the AAD Sync Service tool is based on the AAD Connector for FIM 2010 R2, so maybe you can help me.
We have a multi-forest environment due to a recent merger, with one forest with resources and some accounts and another forest with accounts only that should be migrated to the first one during time. We're at Wave 15 on our tenant.
We're configuring AAD Sync Service, but we need to choose the attribute to use as sourceAnchor; we think that the approach suggested in http://blog.msresource.net/2014/03/10/windows-azure-active-directory-connector-part-3-immutable-id/ should work.
In short:
- if the mS-DS-ConsistencyGuid is empty, we'll generate the sourceAnchor value from objectID, then populate the mS-DS-ConsistencyGuid with the sourceAnchor value
- if the mS-DS-ConsistencyGuid is populated, use that as the sourceAnchor (so we can match a user even if it is moved from one forest to the other)
Should that work? How can we get the tool to write back the sourceAnchor value to mS-DS-ConsistencyGuid?
Thanks