Search This Blog

Friday, March 20, 2015

Synchronize Directory to Azure Using Microsoft Azure Active Directory Sync Services (AAD Sync)

 

We have been busy with recent project on Enterprise Mobility Suite (EMS) and the first tool that we are going to use is using Directory Synchronization tool. We used to use DirSync to synchronizes users, password, security groups, distribution lists, contacts, etc. However DirSync tool has been replaced by AAD Sync (Azure Active Directory Sync Services)

Here is a quick directory synchronization tool comparison:

Tools Description
DirSync support for single forest syncronization
AAD Sync support single and multi forest synchronization
Password write
AAD Connect Includes AAD Sync
Will assist to setup ADFS
Will assist to setup Web Application Proxy

In this articles, we are going to deploy AAD Sync

[Download AAD Sync]

To download – [Last update Feb 2015] – Click here

[Installation]

  • Define the location to install the Azure AD Sync

aadir1

  • Click on Install . It will install few components such as SQL Express, Synchronization Services. This will take a while

image

  • Enter the Azure AD Account which has global administrator right and click Next. Remember to “Activate” Directory Synchronization in Azure.

image

  • Enter your domain admin authentication and forest name. It will install AD connector services

image

Define the user matching attribute

image

  • On Optional features page, select an additional features that AAD Sync perform. Example
      • Exchange Hybrid Deployment
      • Password Synchronization
      • Password write back
      • Azure AD App and attribute filtering

image

  • Click Configure and wait for AAD Sync tool to perform the changes

image

Just wait for a while and it will start to sync directory to Azure. To check the result, go to Azure Management Portal and able to view on-premise user and group has sync to Azure Directory.

It is still a simple tool and work exactly like DirSync

For other tool, please check out