How to resolve AD attributes synchronization issues?
When using Azure AD attributes in your email signatures, some attributes display with incorrect or no values after being attached to the email by the Sigsync service.
Before attempting to resolve the issues, first determine whether you are in a Hybrid or Non-hybrid environment.
Troubleshoot the attributes synchronization problem in a Hybrid environment
There may be different reasons for the incorrect display of AD attributes. Initially, find the point of origin of the problem with the help of Microsoft Graph Explorer to check the value of the attributes.
- Graph Explorer returns the correct value but your email signature displays an incorrect value.
- Refresh the OAuth 2.0 access token.
- Sync AD changes in Sigsync Preferences.
- Graph Explorer returns the same incorrect value that appears in the email signature.
- Custom attribute synchronization is disabled, or the Azure AD Connect is not properly configured: The Custom attributes are not correctly synchronized with on-premise and Azure Active Directory fields. As a result, the correct value will not be fetched by Sigsync email signature. Enabling synchronization of the AD attributes from the Azure Active Directory Connect tool helps to display the correct value in the Sigsync email signature
After enabling the Synchronization and correctly configuring the Azure AD Connect, force complete the synchronization of Azure AD connect using the command below:
Start-ADSyncSyncCycle -PolicyType Initial
- Few directory extensions are excluded: Even after enabling the AD attributes synchronization, some attributes are not displaying in email signatures. Verify if these attributes exist using the Azure Active Directory Connect
Steps to verify the attributes in Azure AD Connect:
- Open Azure AD connect and select Sync → Directory Extension
- In the Directory Extension, only the attributes listed under Selected Attributes are synchronized with the Office 365 tenants.
- Outdated or unsupported attributes are synchronized: Sigsync supports only single valued attributes. Even if the attributes are already synchronized, the value will not be displayed when using multi-value. Therefore, check whether the attributes are supported by Sigsync or not.
The custom attributes must be up-to-date or else the exact value will not be displayed in the On-premise Active Directory. Try to force the synchronization of Azure AD using the steps below:
- For a while, change the value of the incorrectly updated attributes in on-premise AD and force the Complete Azure AD synchronization using the following command
Start-ADSyncSyncCycle -PolicyType Initial
- Sync AD attributes in the Sigsync dashboard's Preferences page.
- After updating the AD attributes, change to the original value of the incorrectly updated attributes in the On-premise Active directory.
- Then, force the Complete Azure AD synchronization again.
- For a while, change the value of the incorrectly updated attributes in on-premise AD and force the Complete Azure AD synchronization using the following command
- Use the cloud version of Azure AD Connect: There is a cloud version of Azure AD Connect i.e. Azure Active Directory Connect cloud sync. There are a few differences between the two versions but the main difference is the lack of Synchronization between the custom attributes. For proper synchronization of custom attributes, use the attributes directly in the email signature or use the regular Azure AD Connect.
- Custom attribute synchronization is disabled, or the Azure AD Connect is not properly configured: The Custom attributes are not correctly synchronized with on-premise and Azure Active Directory fields. As a result, the correct value will not be fetched by Sigsync email signature. Enabling synchronization of the AD attributes from the Azure Active Directory Connect tool helps to display the correct value in the Sigsync email signature
Troubleshoot the attributes synchronization problem in a non-hybrid environment
The first step is to verify the value of the AD attributes in the Microsoft Graph Explorer and then determine whether the return value is correct or not.
- Graph Explorer returns the correct value but your email signature displays an incorrect value.
- Refresh the OAuth 2.0 access token.
- Sync AD changes in Sigsync Preferences.
- Graph Explorer returns the incorrect value same as shown in the email signature.
Verify the AD attribute value displaying with Exchange Online. If the value is wrong, correct the value in Exchange online or else contact Microsoft Support because the incorrect custom attribute values displaying in the email signature is not related to Sigsync service.
If any other attributes display an incorrect email signature then update the correct value in Exchange Online and also refresh the AD attributes in Sigsync service.
Steps to refresh the AD attributes in Sigsync service.
Streamline Email Signature Management with a Free On-demand Demo from Sigsync
Sigsync email signature service provides effortless, centralized signature management for Office 365 and Exchange. Our team can assist you in quickly setting up company-wide signatures. Request a free on-demand demo to see how Sigsync can simplify your email signature management process.