I have looked at articles over the years and, even with evolution and time, the documentation keeps explaining too much at a time and/or overcomplicating it by giving you a million scenarios. I would like to talk about “IDFix”. The IDFix tool must be run when you are attempting to configure AADconnect. Microsoft has a set of requirements which need to be met by the on-premises AD and what is in Azure AD. This tool runs checks and validates that the following parameters are correct for each user:
You can download the IDFix tool from the following link: here
Download the application. You may need to unzip the file. When you open the file, in the “Publish” folder, there should be a setup.exe. When you run the IDFix tool, click on “Query”. This will look through the domain, check against the above-mentioned parameters and give you feedback on what needs to be fixed.
It will advise you. Locate the objects and fix the accounts. In theory, you should then be ready to deploy and configure AADconnect. However, there is one other thing that I may have missed in the document but never knew until I deployed the application. You need to be sure that the above-mentioned parameters are not duplicated across multiple users, i.e. a user account and an admin account for the same person. This only applies if you already have your users in Azure AD and want to keep the link between on-premises AD and Azure AD; if not, just ensure there are no duplicate or identical details and you should be good.
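One way to check for the duplicates described above before deploying, as an added example that is not part of the original post or of IDFix itself. The function name `Find-DuplicateAttributeValue` is hypothetical, the attribute list (`userPrincipalName`, `mail`, `proxyAddresses`) is an assumption, and the sample accounts are constructed.

```powershell
# Added example: report any value that appears on more than one account.
# The attribute list is an assumption; adjust it to the attributes IDFix flags for you.
function Find-DuplicateAttributeValue {
    param(
        [Parameter(Mandatory)] [object[]] $User,
        [string[]] $Attribute = @('userPrincipalName', 'mail', 'proxyAddresses')
    )
    $seen = @{}   # normalized value -> list of {Account, Attribute} records
    foreach ($u in $User) {
        foreach ($attr in $Attribute) {
            foreach ($value in @($u.$attr)) {
                if ([string]::IsNullOrWhiteSpace($value)) { continue }
                # proxyAddresses carry a type prefix such as "SMTP:"; compare the address only
                $key = ([string]$value -replace '^[^:]+:', '').ToLowerInvariant()
                if (-not $seen.ContainsKey($key)) {
                    $seen[$key] = [System.Collections.Generic.List[object]]::new()
                }
                $seen[$key].Add([pscustomobject]@{ Account = $u.sAMAccountName; Attribute = $attr })
            }
        }
    }
    foreach ($key in $seen.Keys) {
        # The same value on one account (mail and primary proxy address) is not a conflict;
        # only values held by two or more distinct accounts are reported.
        $accounts = @($seen[$key].Account | Sort-Object -Unique)
        if ($accounts.Count -gt 1) {
            [pscustomobject]@{
                Value      = $key
                Accounts   = $accounts -join ', '
                Attributes = ($seen[$key].Attribute | Sort-Object -Unique) -join ', '
            }
        }
    }
}

# Constructed sample: a user account and an admin account for the same person share a mail value.
$sample = @(
    [pscustomobject]@{ sAMAccountName = 'jdoe'; userPrincipalName = 'jdoe@contoso.example'
                       mail = 'jdoe@contoso.example'; proxyAddresses = @('SMTP:jdoe@contoso.example') }
    [pscustomobject]@{ sAMAccountName = 'adm-jdoe'; userPrincipalName = 'adm-jdoe@contoso.example'
                       mail = 'jdoe@contoso.example'; proxyAddresses = @() }
    [pscustomobject]@{ sAMAccountName = 'asmith'; userPrincipalName = 'asmith@contoso.example'
                       mail = 'asmith@contoso.example'; proxyAddresses = @('SMTP:asmith@contoso.example') }
)
Find-DuplicateAttributeValue -User $sample | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module):
# Find-DuplicateAttributeValue -User (Get-ADUser -Filter * -Properties mail, proxyAddresses)
```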