I am planning and preparing to migrate 2x Active Directory forests (example.com and example.net) to Azure Active Directory.
I followed the Microsoft doc to use Idfix to clean up each of the AD forests. Initially, I thought I could use Idfix to clean up both forests at the same time, but it appears that Idfix cannot access 2x forests while it can handle 2x domains of the same forest.
Because example.com and example.net are in the process of merging, I have the following scenario of a user object John Doe.
In example.com,
- UPN = [email protected], MailNickName = john.doe and his email address = [email protected]
There is also a contact of his account in example.net
- MailNickName = johndoe and the email address is [email protected]
In example.net
- UPN = [email protected], MailNickName = johnd and his email address = [email protected]
When I ran Idfix individually in example.com and example.net, it does not generate error for this account. However, when I synchronise example.com and example.net to AAD, will this work?
I know for this scenario:
There are 2x UPNs but the names are unique
There are 3x MailNickNames but they are unique too.
However, the email address will clash.
I think when we eventually merge and migrate to AAD, for this scenario, only 1x AD user object is needed and that is UPN [email protected]
How should I approach the cleanup in order to be ready for the eventual synchronisation?
0 Answers