KB ID 0001638
Problem
I’ve seen this a few times now, I’ve had users that will not sync from Active Directory to Azure Active Directory (Office 365). When you look to see why, you will see something like;
The Connector {Your-Domain}.onmicrosoft.com – AAD contains another object with the same DN which is already connected to the MV.
Note: For the uninitiated, DN is Distinguished Name, and MV is MetaVerse.
If you attempt to troubleshoot the sync, you may also see something like this;
Object {Distinguished-Name} is not found in AAD Connector Space.
Solution
First we need to temporarily halt the sync;
Set-ADSyncScheduler -SyncCycleEnabled $False
Then launch Sycronization Service Manager > Connectors > Select your AAD Connector > Delete > Delete connector space only > Yes.
Note: Whoa! it says I’m going to lose data, what are we doing?
Well we are essentially removing all the ‘cached objects associated with this connector, I think about it like ‘flushing the cache’. I’ve never seen this operation break anything, and I’ve certainly never ‘lost’ anything.
While it’s still running, do the same with your local AD connector.
Start the sync scheduler again.
Set-ADSyncScheduler -SyncCycleEnabled $True
Perform a Full Import on your AAD connector..
With the above still running you can repeat a Full Import on your AD Connector
Providing the full import has finished (i.e the connector says ‘idle’) perform an Export on the AAD Connector.
Providing the full import has finished (i.e, the connector says ‘idle’) perform an Export on the Local AD Connector.
You can then force an AAD sync, and go have a coffee.
Related Articles, References, Credits, or External Links
Azure AD Connect: Correct Or Remove Duplicate Values
15/07/2020
Thanks for this info. These actions finally solved my problems.
Instead of the last 4 actions (twice Full Import and twice Export) it is easier to do:
Start-ADSyncSyncCycle -PolicyType Initial
19/09/2022
Isn’t this the solution to skip all above steps? I.e. is it necessary to do all the steps before re-enabling the sync schedule?
11/02/2021
That solved my problems too.
Thanks a lot man!
06/10/2022
Hello,
I just would highlight that this is not a solution, and this is not supported by Microsoft at all. If you are doing this, your AAD Connect instance became unsupported.
10/10/2022
Well I learned of this solution by watching a Microsoft Support Engineer perform it on a production AD instance. And if you’re happy about it or not, if it resolved the problem it IS a Solution. If you would like to post a link to somewhere where this method is disavowed by Microsoft. I’ll happily take the post down. But at least post an alternate solution to the problem.
P
22/08/2024
I know this is an old post and I have seen MS engineers recently post the same thing on MS Q&A sites, this is a poor solution for large sites such as ours. This isn’t a fault of you or your post. Just something that others trying to get to the bottom of this error to be aware of.
For reference, if I was going to reinitialise the sync in our environment, it would take 3 days to rebuild which is far from ideal when there is a large turnover or update of accounts each day.