Windows Azure Active Directory Connector for FIM 2010 R2 RRS feed

  • Question

  • To all

    Trying to install the above connector on an existing FIM solution at a client. However the instructions on how to configure the AAD Connector literally stops after the installation and Configure Attribute Flow.

    Has anyone got further/complete information on how to configure the AAD FIM connector so that we can Dirsync the AD accounts to Office 365? Using the Office 365 DirSync tool is not considered an option since FIM is been heavily vested into production and the powers to be want this solution.



    P.S. I am not a FIM person. Just trying to install and configure the AAD connector


    Wednesday, December 11, 2013 3:33 PM

All replies

  • I don't think that Microsoft officially supports using the AAD connector on an existing implementation of FIM. I haven't tried the officially released version yet, but the beta version did a complete schema refresh during the installation process that wiped out all of the additional FIM attributes. Also, one of the existing attributes is a different type and that causes the schema refresh to fail. I was hoping that these issues would go away with the actual public release, but maybe they haven't.

    There are ways around these issues, but it's not a simple task.



    Mark Creekmore - BlueVault Software

    Wednesday, December 11, 2013 5:01 PM
  • Ok

    I think I got this figured out. It is a combination of installing the new AAD connector and then importing the Server Agent and Management Agent from the Beta release.

    - Install the AAD connector on a new server with FIM Sync service installed.

    - Import the Server Management agent from the Beta release to the assigned DirSync servers

    - Import the Management Agent (Exchange 2010 xml in my case ) from the Beta release to the assigned DirSync server

    - Import the AADRulesExtension.dll from the Beta connector to the FIM server ( this DLL has to be created using the instructions from the Beta doc (page 24))

    Then test. It worked in my case. However I do not know the ramifications on this.

    Hopefully some one from MS will update their doc on the TechNet site so that we can all use this


    Thursday, January 9, 2014 5:41 PM
  • jt - thanks, that's about the same I've had to do.  Have you had any luck in scheduling the runs or actually getting the objects out?  I've got objects in the metaverse, but running either a full import/full sync and or an export on the Azure AD connector just runs and states: completed-no-objects.
    Thursday, January 9, 2014 7:44 PM
  • It may be a simple thing but is provisioning enabled?

    Have you configured the MV Rule Extension so that it can provision.

    Check out the following:

    David Lundell, Get your copy of FIM Best Practices Volume 1

    Thursday, January 9, 2014 9:16 PM
  • David.

    The Rule extension has been provisioned.


    Objects are getting provisioned in Office 365 BUT we are having to do the runs a couple of times in order to get the objects into Office 365. is what I followed to configure and install the connector. reports that the FIM connector is not syncing up all users to Office365.

    Has MS published any official docs on this as yet?


    Monday, January 13, 2014 2:54 PM
  • Sorry for the late reply.  Yes, provisisoning was enabled, and same thing jt - I ended up having to run it about 3 or so times and finally the accounts showed up.  Also, I noticed only the accounts with a homeMDB value would sync, so I will need to modify the attribute flow.  I haven't had a chance to work any more on it, but hopefully will in the next week or two.
    Monday, January 13, 2014 4:51 PM