Knowledgebase: How to check if your Azure Active Directory Tenant has a DirSync or AADSync installation syncing to it

Reading Time: 3 minutes

Today, I ran into an issue, where the people I was talking to couldn’t tell me if their Azure Active Directory tenant had one or more Directory Synchronization Tool (DirSync) or Azure Active Directory Sync Tool (AADSync) installations associated with it.

Additionally, these people showed me an Azure Active Directory Sync Tool (AADSync) installation, but they had no idea whether or not it was functional.

 

Checking from the Azure Management Portal

The first way is to check if your Azure Active Directory Tenant has a DirSync or AADSync installation allows syncing to it, There’s no need for difficult tools, because you can see if this functionality is enabled or not using the Azure Management Portal.

Perform these steps:

  • Open a web browser and navigate to https://manage.windowsazure.com.
  • When you’re not automatically logged on, enter the credentials of a user account with administrative privileges in the Azure tenant.

Note:
If you are logged on automatically, perform the steps below. When you are unable to, because the account with which you have been automatically logged on, close the browser and start an Inprivate Mode browsing session. Then perform the steps from the top of this list.

  • In the list of items within the Azure tenant on the right, scroll down to Azure Directory. (it is almost at the bottom of the list)
  • In the main pane, click on the arrow to the right of your directory name. By default, the directory is named Default Directory.
  • In the top bar with items, click on the DIRECTORY INTEGRATION tab.

In the main pane, in the integration with local active directory section, there is a toggle switch that indicates the status of DIRECTORY SYNC. When this toggle is DEACTIVATED, indicated by the blue background color, there is no DirSync or AADSync installation syncing to the Azure Active Directory Tenant. When this toggle is ACTIVATED, there is.

The 'integration with local active directory' section of the directory integration settings of an Azure Active Directory tenant

 

In the screenshot above, there is no DirSync or AADSync installation syncing to the Azure Active Directory Tenant, since the functionality clearly isn’t activated.

 

Checking with Azure Active Directory PowerShell

Another method is to use the Azure Active Directory PowerShell Cmdlets. This is a fast method when you already have the Azure Active Directory PowerShell module installed and configured, which, in itself, is only mere minutes of work: First install the Microsoft Online Services Sign-In Assistant for IT Professionals RTW from the Microsoft Download Center. Then install the Azure Active Directory Module for Windows PowerShell (64-bit version), and click Run to run the installer package.

I prefer this method, because the Get-MsolCompanyInformation Windows PowerShell Cmdlet in the Azure Active Directory PowerShell module exposes a lot more information than the graphical Azure management portal.

To check if a DirSync or AADSync installation is syncing to the Azure Active Directory Tenant, using Azure PowerShell, perform these steps:

  • Start the Microsoft Azure Active Directory Module for Windows PowerShell by typing part of its name in the Start Screen. Then, when selected press Ctrl + Shift + Enter to run it as administrator. Alternatively, right-click the Microsoft Azure Active Directory Module for Windows PowerShell search result and select Run as Administrator from the context menu.
  • In the Microsoft Azure Active Directory Module for Windows PowerShell window, type the following command:

Connect-MsolService

  • Type your user principle name (UPN) and the associated password of a user account in the Azure Active Directory tenant with administrative privileges.
  • Next, type:

Get-MsolCompanyInformation

This will show you detailed information. The last four fields are the fields of importance in this scenario:

  • DirectorySynchronizationEnabled
  • LastDirSyncTime
  • LastPasswordSyncTime
  • PasswordSynchronizationEnabled

The Get-MSolCompanyInformation Windows PowerShell Cmdlet in action (click for the original, yet censored screenshot)

The screenshot above shows the Azure Active Directory tenant, clearly, hasn’t synchronized, since DirectorySynchronizationEnabled is clearly False. However, we can also see that the tenant never had one or more Directory Synchronization Tool (DirSync) or Azure Active Directory Sync Tool (AADSync) installations associated with it.

Cool. That was all I needed to know Glimlach

 

Related blogposts

Azure Active Directory Synchronization- An Introduction, Part 1
Azure Active Directory Synchronization- An Introduction, Part 2
Azure Active Directory Synchronization- Filtering, Part 1
Azure Active Directory Synchronization- Filtering, Part 2
Azure Active Directory Synchronization- Object Matching

Further reading

Download Microsoft Azure Active Directory Sync Services
Azure Active Directory Sync
DirSync: Password Sync Frequently Asked Questions
Install or upgrade the Directory Sync tool
DirSync: Directory Sync Tool Version Release History

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.