I have a client who is slowly going to O365 and has asked us to pick up where another consultancy left off.
Some objects were not syncing with O365, even though the OU was included in the AADConnect config.
First issue was easy – the UPN suffix on a number of objects had not been changed, updated that, away they went.
The next issue, took me a while to suss out.
Within the Synchronisation service manager, I could see there was 22 “disconnects”… but no details on what that meant…. took a while, but I found that the issue was caused by the mailboxes which were listed as object type “placeholder”. So…..
Open Synchronisation Service Manager
Go to connectors
Right click on your AD connector and select “Search connector space”
Optionally specify a DN to search
Find objects that have a “object type” of “placeholder”
I tried a number of things to try and get rid of “placeholder” – in the end, it was a simple password reset…. don’t have to enable the account, just set the password to something valid, and then it will sync in AADConnect fine.
Considering the accounts are all disabled, and therefore resetting all the passwords doesn’t matter, I ran the following powershell over the top-level resources OU
Get-ADUser -Filter * -SearchScope Subtree -SearchBase “OU=Resources,OU=Contoso,DC=au” | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText “ComplexPassword” -Force)