Azure AD Connect / Synch:删除本地域剩余部分 [英] Azure AD Connect / Synch: Remove local domain remainings
问题描述
您好,
我有点不确定,如何正确解释我们的问题,PLZ。原谅一些缺乏明确性。
i am a bit unsure, how to explain our problem properly, plz. excuse some lack of clarity.
我们一直是Azure AD Connect / Sync的早期采用者。在我们的例子中,我们有一个与Azure AD同步的不可路由的本地域。除了最初的Azure AD Admin之外,我们的所有Azure AD用户都是由synch-service创建的。
we have been early adopters of Azure AD Connect / Sync. In our case we had a non-routable local domain synchronized to Azure AD. All our Azure AD users have been created by the synch-service, besides the initial Azure AD Admin.
在Azure AD同步开始时,不需要在本地创建备用UPN后缀如果是不可路由的本地域;我们可以在Azure AD中将验证的域分配给用户登录。我们在本地AD中定义了每个用户
的代理smtp地址,它在Azure AD中映射了经过验证的域,但我认为这是不相关的。
In the beginning with Azure AD Synch it was no requirement to create locally an alternative UPN suffix in case of a non-routable local domain; we could assign the verified domain to the user login afterwards in Azure AD. We also had a proxy smtp adress for each user defined in our local AD, which mapped the verified domain in Azure AD, but i think, this is non-relevant.
现在,我们正在将所有本地资源迁移到azure服务,为此我们已禁用和卸载Azure AD Connect DirSync。目前,我们将本地计算机加入Azure AD。这使我们可以使用Azure AD用户帐户登录
我们的计算机。这工作正常,但在成功登录后,用户仍以< localdomain \ user.name>登录。
Now, we are in the process of migrating all our local resources to azure services, for this we have disabled and uninstalled Azure AD Connect DirSync. At the moment we are joinig our local computers to Azure AD. This gives us the possibility to logon on our computers with our Azure AD user accounts. This is working fine, but after a sucessfull login, the user is still logged on as <localdomain\user.name>.
我得出这个结论,因为:
I get to this conclusion, because:
1。首次通过Azure AD登录后,Windows中新创建的配置文件文件夹命名为< user.name.localdomain>
2. cmd命令 whoami 返回< localdomain\user.name>
3.例如,在sql server management studio中,如果连接到具有Windows凭据的服务器,则预填充的用户凭据为也指定为< localdomain \user.name>
1. the newly created profile folder in windows after the first login via Azure AD is named as <user.name.localdomain>
2. the cmd command whoami returns <localdomain\user.name>
3. as example, in sql server management studio, in case of a connection to a server with windows credentials, the prefilled user credentials are also specified as <localdomain\user.name>
但是,我无法在Azure AD门户或MS Graph资源管理器中找到任何此本地域余数。在那里,用户UPN的正确名称为< user.name@verifiedazureaddomain.com>我还没有找到我们当地
域名的其他剩余部分。
But, i am not able to find any of this local domain remainings in the Azure AD Portal or with the MS Graph explorer. There, the user UPN is correctly named with <user.name@verifiedazureaddomain.com> and i havent found any other remainings of our local domain.
有人有关于此问题的更多信息吗?我们希望完全摆脱Azure AD中我们所有旧域剩余的内容。
Does someone has more information regarding this problem? We would like to get completly rid of all our old domain remainings in Azure AD.
提前感谢您,b
F.Brem
Thank you in advance,
F.Brem
推荐答案
您可能希望禁用AD Connect并重新建立连接。若要禁用Azure AD Connect,可以卸载本地服务器中的AAD连接。在此之前,我建议您禁用目录同步。为此,请点击以下链接:
You may want to disable AD Connect and re-do the connection. To disable Azure AD Connect, you can uninstall the AAD connect in your on-premises server. Before that, I suggest you disable the Directory sync. To do that, please follow the link below:
https://support.microsoft.com/en-us/kb/2619062
然后,您可以再次进行设置,以便它不会附加到您的本地域。
You can then do the setup again so that it's not attached to your local domain.
这篇关于Azure AD Connect / Synch:删除本地域剩余部分的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
