Reading Time: < 1 minute


A server which hosts the Microsoft Online Services Directory Synchronization tool for replicating the on-prem AD to Microsoft Cloud Services (Azure, O365). You plan the upgrade to AAD Connect and during the upgrade process, you stumble upon the following error.

DirSync is configured with options that cannot be automatically upgraded to Azure AD Connect


The issue is clearly related with Security Permissions, more precisely the account that you initiated the upgrade process to AAD Connect is not a member of local security group “MIISAdmins”. Members of this group have full access to FIM (Forefront Identity Manager).

Thanks for reading!