Sometimes it’s required to migrate your Azure AD Connect to a new OS or another server. This is actually a straight forward thing and you can find severeal blogs to do that – just google it. But one thing you should keep in mind is the SourceAnchor immutable attribute. Immutable means “not changeable”.
Since this attribute’s value cannot be changed after it has been set, it is important to pick a design that supports your scenario. Consider this, check the docs site for more information.
The change to another server requires Azure AD connect to be installed in staging mode. Staging mode enables you a “Hot standby” Azure AD Connect server and allows you to migrate from the original server to the new one or in case of a server failure to switch over.
During the installtion of the staging server, Azure AD Connect wizard checks the SourceAnchor attribute. Since version 1.1.524.0 of AADC, the attribute ms-DS-ConsistencyGuid is used as the primary source anchor instead of the objectGUID attribute. AADC checks the ms-DS-ConsistencyGuid within the forest and in case the attribute is not used by any service, an automatic migration will take place.
Now when you move to a new server, Azure AD Connect will drop an error, that the attribute ms-DS-ConsistencyGuid has already values and instead objectGUID will be used as the source anchor. If you ignore this, you will run in trouble for sure! So be careful.
SOLUTION
If you are certain that the attribute isn’t used by other existing applications, you can suppress the error by restarting the Azure AD Connect wizard with the /SkipLdapSearch switch specified.
"c:\Program Files\Microsoft Azure Active Directory Connect\AzureADConnect.exe" /SkipLdapSearch
SkipLdapSearch allows you to change the staging mode server to the sourceAnchor attribute ms-DS-ConsistencyGuid.
Make sure all your settings are identically configured on the staging server compared to the source server before you switch to the new installed box.
Happy sourceAnchor-ing!
blog.alschneiter.com 