AADSync 的架構是電腦上安裝SQL Express & Azure PowerShell Module
大致流程是
1.連接 AD Server,將資訊 export 到 SQL
2.連接Azure AD,將資訊 export 到 SQL
3.在SQL中比對兩者差異
4.將差異結果 Import 到 Azure AD。
| $adConnector = "<CASE SENSITIVE AD CONNECTOR NAME>"
$aadConnector = “<CASE SENSITIVE AAD CONNECTOR NAME>”
Import-Module adsync
$gs = Get-ADSyncGlobalSettings
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter "Microsoft.Synchronize.SynchronizationPolicy", String, SynchronizationGlobal, $null, $null, $null
$p.Value = "Delta"
$gs.Parameters.Remove($p.Name)
$gs.Parameters.Add($p)
Set-ADSyncGlobalSettings -GlobalSettings $gs
$c = Get-ADSyncConnector -Name $adConnector
$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null
$p.Value = 1
$c.GlobalParameters.Remove($p.Name)
$c.GlobalParameters.Add($p)
$c = Add-ADSyncConnector -Connector $c
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false
Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true
|
發表文章
0 意見:
張貼留言