As consultants, we often find ourselves in environments that haven’t been properly managed, and usually not properly documented – which is generally why we get called in.
In this particular situation, I was asked to install and configure DirSync / AAD Connect for a client – only to find out that it was already installed! The funny part is that the client didn’t know it was installed, and nobody knew what server it was installed on, so I had to do some digging to find it.
Before logging in to every server and checking running services, installed programs, etc., I thought I’d take a look to see if there was a better way. Sure enough, fellow MVP Benoit Hamet suggested this answer on the Office 365 community forums. All props go to him for providing this simple solution:
“The MSOL account has a description which contains the server name on which it’s been installed”
So I checked in AD, and sure enough, this is what I found:
And in the description?
“Account created by the Windows Azure Active Directory Sync tool with installation identifier ‘e80ac210a5e14d6095c0fcea79acc5f9’ running on computer ‘RANDOMSERVER‘ configured to synchronize to tenant ‘domain.com‘. This account must have directory replication permissions in the local Active Directory and write permission on certain attributes to enable Hybrid Deployment.”
Brilliant – thanks Benoit!
Master & CmdR 