Advice with AD Sync migration Azure AD Sync

Hi,


Can someone please weigh in on this to see if I have this right? And please state if you have done this before ;)

To migrate away from AD Sync to Azure AD Sync, do we:

  1. Stop On-Prem AD Sync service
  2. Disable the AD Sync service
  3. Log in to Sophos Central
  4. Set up Azure AD Sync
  5. Reassign the policies to the now-selected and synced Azure AD Groups
  6. Purge AD Sync data via this thread (Purge synchronized Active Directory data - Sophos Central Admin)
  7. Check everything works

???

Or, is it a case that the AD Sync data must be purged before establishing the Azure AD Sync?

Cheers!



[edited by: Gladys at 7:32 AM (GMT -7) on 3 Oct 2022]
  • Hi Trooper,

    Thanks for reaching out to the Sophos Community Forum. 

    It is not a requirement to purge the data before moving from AD Sync to Azure AD Sync. However, you may run into some duplicated entries. 

    The External ID, Immutable ID, and SID are used to verify whether a newly synchronized object will be merged with an existing one. The following items will not be merged. 
    - Public Folder
    - Device 
    - OU
    - Device Group

    If you wish to synchronize the items mentioned here, it may be best to do the purge before the switch.
