To change the user account set in Azure AD Connect follow these steps:

  • Log in to the AD Sync server
  • Run the “Synchronization Service” from the start menu
  • Go to the “Connectors” tab
  • Select the connector relative to your on-premise AD
  • Right-click it and select “Properties”
  • Click on “Connect to Active Directory Forest”
  • Here you will swap your credentials once the user is ready
  • Go into your AD DS environment and create a new user. It has to be part of the “Domain Users” group
  • Right-click the domain object (e.g. contoso.com) then “Properties”
  • Click on “Security”
  • Add the user account if not present
  • Click on the account added
  • Add the “Replicating Directory Changes” and “Replicating Directory Changes All” permissions
  • Click Apply
  • Any further permission will depend on which optional features you have enabled in your environment. To check any “special” permissions for the user refer to the following link: https://docs.microsoft.com/it-it/azure/active-directory/hybrid/reference-connect-accounts-permissions#create-the-ad-ds-connector-account
  • Swap the current user account with the new one we just created in the “Connect to Active Directory Forest” tab on the AD Connect server and click “OK”

Published by Azvise