Install and use the IDFix tool

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

Develop your talent with more than 10,000 online courses from LinkedIn Learning

Right so, hot on the heels of the last lesson. We want to identify the IdFix tool and this is something that's actually mentioned when it comes to provisioning Office because it's a tool that can be used to help prepare an environment when you are first considering implementing an Office 365 tenant or if you implement your tenant then you can use this tool when you take that tenant and then start to synchronize the information in that implementation of Office 365 with your on-premises Active Directory installation so that people can sign on once and access resources throughout your entire enterprise, both local and now cloud-based with your Office 365 resources.

So, in any event, let's start this out, it's fairly straightforward to download, install and then use this tool. I'm going to do this from my server machine. So in my virtual machine, I'm going to go to Internet Explorer and as you can see here I've got a blank tab opened up and I'm going to start just by searching for IdFix download. So, I'll type that in to the browser window and then the Bing search here, there is an article install and run the Office 365 IdFix tool.

Now there's another article at least as of right now, as I author this, that is referencing IdFix with DirSync and as I mentioned previously that is a directory synchronization tool that's no longer supported by Microsoft. The one you want to be aware of and studying for practical purposes and for test purposes is this Azure Active Directory Connect tool. So we're looking for this, install and run the Office 365 IdFix tool.

This is also the same one that I identified in the provisioning Office 365 tenant course. So here we go here, what you need to do to run IdFix, as I mentioned here, it identifies errors such as duplicates, formatting problems in your directory before you synchronize to Office 365. So, requirements and then installing IdFix little bit down the page here and I'll go to the Microsoft download site and click here.

It opens up in another tab. And I can download and install this tool. The other thing I want to point out is that under system requirements, you can run this from Windows 7 computer or Windows Server 2008 R2 and greater so that certainly applies right here but it does not have to be run on the same computer that you are going to be running your Azure Active Directory Connect tool. So, install instructions here, pretty self explanatory.

So, I downloaded IdFix and I've saved it to my desktop. I'm going to give it a double click and it will run, it's an executable file, so you'll eventually, after you decide to run the tool by clicking on the Run button, it'll depend on exactly what operating system you are using. You'll get this privacy statement, fine, click on OK. And here is what the IdFix tool looks like. I'll go ahead and just run it full screen. Now, to start your query of Active Directory, you click on Query the Directory.

And then if you are connected to the Active Directory database, this is why you can run it from a Windows 7 machine or a Windows 10 machine, as long as you have the connection to Active Directory, IdFix will query that Active Directory environment and look through Active Directory and start to identify potential problems. So, there are two right here. There is the distinguished name Edgar Poe or in other words, the user Edgar Poe and the user Sarah Greer and this is the error, the top-level domain.

In other words the user principal name is going to be non-routable and there's the problem there is that the value is landonhotels.local. Now because I'm running on my Windows Server machine it's really simple to switch over to Active Directory users and computers. And we'll look at Sarah Greer and as we have explored earlier, her user logon name, or in other words the combination of this and this, make up her user principal name and that suffix is landonhotels.local.

So if I change this to something that is routable and click on Apply, and then run that same query again, you notice that now there is only one instance that it's identifying as potentially causing a problem when I do a synchronization, because I have addressed the non routable upn suffix using Active Directory users and computers. So, I'm one step along the way of remediating my situation.

LinkedIn Learning

LinkedIn Learning is an online learning platform that combines industry-leading content from with LinkedIn’s professional network of more than 500 million member profiles to provide highly personalized course recommendations and a more intuitive learning experience. Learn more.


  • Learn from recognized industry experts, and get the business, tech, and creative skills that are most in demand.

  • Receive personal recommendations based on your LinkedIn profile.

  • Stream courses from your computer or mobile device.

  • Take courses for every level – beginner to advanced.

  • Practice while you learn with quizzes, exercise files, and coding windows.

  • Provide learning for your team or entire organization, with an easy to use experience for managing users, curating content and measuring engagement

For businesses with 150+ licenses Request Office 365 onboarding assistance from FastTrack

You can request remote and personalized assistance with onboarding. Our FastTrack engineers will help you plan your Office 365 project, assess your technical environment, provide remediation guidance, and provide user adoption assistance. For businesses with at least 500 licenses, Microsoft also provides personalized assistance to migrate data to Office 365.

See the FastTrack Center Video:

Get started today:

Tip: Businesses with 1-149 licenses still have access to FastTrack guidance via links in the Admin Center and also available at

Network and system admins can prepare on-premises directories and connect to Azure to take advantage of managing Office 365 groups and users using common identities. Preparation, setup, and administration steps are demonstrated in this course using the Azure Active Directory (AAD) Connect tool. This course is designed to provide you with a better understanding of domain controllers, identity management, synchronization, and more. This course is also an exam preparation resource with topics that map to a corresponding domain in the Office 365 70-346 exam: Managing Office 365 Identities and Requirements.

Topics include:

  • Active Directory Connect and Office 365

  • Planning for non-routable domain names

  • Cleaning up Active Directory objects

  • Using the IDFix tool

  • Filtering Active Directory

  • Using AAD install

  • Synchronizing passwords and attributes

  • Creating and managing users and groups

  • Scheduling and forcing AD synchronization

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.