How to Migrate Azure AD Connect to a New Server Using Staging Mode

Start by documenting and exporting your current Microsoft Entra Connect configuration. This ensures you can replicate the exact setup on your new server.

Launch the Microsoft Entra Connect configuration wizard on your current server:

Start-Process "C:\Program Files\Microsoft Azure Active Directory Connect\AzureADConnect.exe"

In the wizard, select Configure > View or export current configuration > Next > Export Settings. Save the JSON file to a location accessible from your new server, such as C:\temp\AADConnect_Config.json.

Alternative PowerShell method for complete configuration backup:

C:\Program Files\Microsoft Azure Active Directory Connect\Tools\MigrateSettings.ps1 -ServerConfiguration "C:\Temp\AADConnect_Backup"

Before installing on the new server, put your current server into staging mode. This prevents conflicts during the migration process.

Open the Microsoft Entra Connect configuration wizard again and select Configure > Enable staging mode. Check the box for "Enable staging mode: When selected, synchronization will not export any changes" and click Finish.

Verify staging mode is active by checking the synchronization scheduler:

Get-ADSyncScheduler

The output should show StagingModeEnabled: True.

Download the latest Microsoft Entra Connect from the Microsoft Download Center. Search for "Microsoft Entra Connect download" to get the current 2026 version.

Run the installer on your new server and select Customize installation option. This allows you to import your existing configuration.

During the installation wizard:

• Choose Import synchronization settings
• Browse to your exported JSON file from Step 1
• Enter the same service account credentials you documented
• Connect to the same Azure AD tenant and AD forest

On the "Ready to configure" screen, make these critical selections:

• Check "Enable staging mode"
• Uncheck "Start the synchronization process when configuration completes"

Click Install to complete the setup.

Get-ADSyncScheduler | Select-Object StagingModeEnabled

With the new server in staging mode, test the synchronization process to ensure everything works correctly before the cutover.

Open Synchronization Service Manager on the new server and verify that your connectors match the old server configuration. You should see the same AD DS and Azure AD connectors.

Run a full synchronization cycle to test the import process:

Start-ADSyncSyncCycle -PolicyType Initial

Monitor the synchronization progress in Synchronization Service Manager under the Operations tab. You should see successful import operations but no export operations (due to staging mode).

Check for any synchronization errors:

Get-ADSyncConnectorRunStatus

Custom synchronization rules don't transfer during configuration import and must be recreated manually on the new server.

On your old server, open the Synchronization Rules Editor and document any custom rules (rules not marked as "Standard"). Take screenshots or export rule definitions:

Get-ADSyncRule | Where-Object {$_.ImmutableTag -eq $null} | Export-Csv C:\temp\CustomRules.csv

On the new server, open the Synchronization Rules Editor and recreate each custom rule with identical settings:

• Rule name and description
• Connected system and object type
• Scoping filters
• Join rules
• Transformations and attribute mappings

After recreating custom rules, run a preview to test them:

Start-ADSyncSyncCycle -PolicyType Delta

Once testing is complete and you're confident the new server works correctly, perform the cutover by decommissioning the old server and activating the new one.

On the old server, uninstall Microsoft Entra Connect:

Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -like "*Azure AD Connect*"} | ForEach-Object {$_.Uninstall()}

Alternatively, use Programs and Features in Control Panel to remove "Microsoft Azure Active Directory Connect".

On the new server, disable staging mode by opening the Microsoft Entra Connect configuration wizard and selecting Configure > Disable staging mode or Enable synchronization. Click Finish.

Immediately force a synchronization cycle:

Start-ADSyncSyncCycle -PolicyType Delta

Get-ADSyncScheduler | Select-Object StagingModeEnabled

The result should show StagingModeEnabled: False.

After the cutover, thoroughly validate that synchronization is working correctly and monitor for any issues.

Check the synchronization health in the Microsoft Entra admin center:

• Navigate to Microsoft Entra ID > Hybrid management > Microsoft Entra Connect
• Verify the "Health status" shows as "Healthy"
• Check that the "Last sync" timestamp is recent

Monitor synchronization operations in Synchronization Service Manager for the next 24-48 hours. Look for:

• Successful export operations to Azure AD
• No persistent errors in the Operations tab
• Consistent object counts in connector statistics

Run these PowerShell commands to check sync status:

# Check sync scheduler status
Get-ADSyncScheduler

# View recent sync cycles
Get-ADSyncConnectorRunStatus | Select-Object ConnectorName, RunStepResults, StartDate, EndDate

# Check for sync errors
Get-ADSyncConnectorStatistics

Test user synchronization by making a small change in on-premises AD (like updating a user's department) and confirming it appears in Microsoft Entra ID within the next sync cycle.