In support we see many cases come through looking to create a customized synchronization rule to adhere to different business rules utilizing the Azure AD Connect (Azure AD Sync Services (AADSync)) Tool. Here, I am creating this blog to provide some guidance on how to create a custom synchronization rule inside of the Azure AD Sync Services (AADSync) tool. This blog is a sample illustration of how to take givenName and sn and flow those values into the displayName attribute.
STEPS TO CREATE CUSTOM SYNCHRONIZATION RULE
- Open the Synchronization Rules Editor
- Select Inbound
Inbound Synchronization Rule: Takes data from Source Connector Space to Metaverse
Outbound Synchronization Rule: Takes data from the Metaverse to the Target Connector Space
- Click the Add New Rule button in the upper right
- Edit Inbound Synchronization Rule
Name: In from AD - Update displayName attribute
*NOTE: I like to try and stay in sync with the naming format used in the Synchronization Rules Editor. You can provide any name that you desire here. The key is to remember that you want to understand the purpose of this synchronization rule.
- Description: Updates the displayName attribute with the values of givenName and sn
- Connected System: <On Premise Active Directory>
- Connected System Object: user
- Metaverse Object Type: person
- Link Type: Join
*NOTE: I chose a lower number so that it would have the higher precedence.
Synchronization RuleA Synchronization Rule is a configuration object with a set of attributes flowing when a condition is satisfied. It is also used to describe how an object in a connector space is related to an object in the metaverse, known as join or match. The Synchronization Rules have a precedence indicating how they relate to each other. A Synchronization Rule with a lower numeric value in precedence has a higher precedence and in case of an attribute flow conflict, higher precedence will win the conflict resolution.
As an example we will look at the Synchronization Rule “In from AD – User AccountEnabled”. We will mark this line in the SRE and select Edit.A Synchronization Rule has four configuration sections: Description, Scoping filter, Join rules, and Transformations.
- Name: In from AD - Update displayName attribute
- For the purpose of this custom synchronization rule, we are not going to have any Scoping Filter and/or Join Rules.
For more information on these two items, please review the Understanding the default configuration page.
- Transformations Page
- Click the Save Button
- Description Page
- Understanding the default configuration: https://msdn.microsoft.com/en-us/library/azure/dn800963.aspx
- AADSync - Configure Filtering - Part 1: http://blogs.technet.com/b/steady/archive/2015/01/08/aadsync-configure-filtering-part-1.aspx
- AADSync - Configure Filtering - Part 2: http://blogs.technet.com/b/steady/archive/2015/01/09/aadsync-configure-filtering-part-2.aspx