Wednesday, December 17, 2014

Azure Active Directory Connect (AD Connect) with Password Sync

Azure AD Connect is "new" because it is now one integrated tool that includes all the advances of AAD Sync and Dirsync.
The Azure AD Connect wizard Public Preview 1 provides a guided experience for integrating one or multiple Active Directory forests with Microsoft Azure AD. Optionally, you can configure Exchange Hybrid deployment, password change write-back, AD FS and Web Application Proxy.
NOTE: Azure AD Connect Public Preview 1 is recommended to be run in a lab environment and not in a production AD or AAD environment. To get the installer, click here.
If you plan to run in a production environment, please download
Azure Active Directory Dir Sync from here.
AAD Sync capabilities include the following:
  • Active Directory and Exchange multi-forest environments can be extended now to the cloud.
  • Control over which attributes are synchronized based on desired cloud services.
  • Selection of accounts to be synchronized through domains, OUs, etc.
  • Ability to set up the connection to AD with minimal Windows Server AD privileges.
  • Setup synchronization rules by mapping attributes and controlling how the values flow to the cloud.
  • Preview AAD Premium password change and reset to AD on-premises.
Let's begin the AD Connect configuration.
After installation, double-click the AD Connect icon on your desktop.
Accept the license agreement and click Continue.
Note: Before installing this tool, remember to add the .NET Framework 3.5 features first.
The AD Connect tool will download and install:
  • MS Online Services Sign in Assistant
  • Windows Azure Active Directory Module for Windows PowerShell
  • Azure AD Sync Engine
Enter your Azure AD credentials.
The next page asks whether to use Express settings (the default, which uses password sign-on) or Customize (which lets you select password sync or Single Sign-On).
This is how it looks when you select “Customize”.
Let's select “Password Sync”.
Enter your Active Directory credentials.
Select optional features
  • Exchange hybrid deployment
- Allows for co-existence of Exchange mailboxes both on-premises and in Azure by synchronizing a specific set of attributes from Azure AD back into your on-premises directory.
  • Password write-back
- This option allows password changes that originate in Azure AD to be written back to your on-premises directory.
  • Specify how users are identified in your on-premises directories and in Azure
Final step
[Verification in Microsoft Azure AD]
You will notice that the on-premises user accounts have synced to Azure AD.
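As an added example (not part of the original post), the same verification can be scripted with the Windows Azure Active Directory Module for Windows PowerShell that the wizard installs. It uses the MSOnline cmdlets Connect-MsolService, Get-MsolCompanyInformation and Get-MsolUser; the helper Test-SyncFreshness and its 6-hour staleness threshold are hypothetical choices for illustration.

```powershell
# Added example: confirm from PowerShell that directory and password sync are working.
Import-Module MSOnline

# Hypothetical helper: classify a sync timestamp as Never / Stale / OK.
function Test-SyncFreshness {
    param(
        [Nullable[datetime]]$LastSync,
        [int]$MaxAgeHours = 6,   # assumed threshold; set it to a few sync cycles
        [datetime]$Now = (Get-Date).ToUniversalTime()   # assumes timestamps are UTC
    )
    if ($null -eq $LastSync) { return 'Never' }
    if (($Now - $LastSync).TotalHours -gt $MaxAgeHours) { return 'Stale' }
    return 'OK'
}

# Sign in with the same Azure AD credential entered in the wizard.
Connect-MsolService

# Tenant-level view: are directory sync and password sync enabled, and when did
# each last complete? 'Never' or 'Stale' here means the sync engine is not running.
$tenant = Get-MsolCompanyInformation
[pscustomobject]@{
    DirSyncEnabled      = $tenant.DirectorySynchronizationEnabled
    LastDirSync         = $tenant.LastDirSyncTime
    DirSyncState        = Test-SyncFreshness $tenant.LastDirSyncTime
    PasswordSyncEnabled = $tenant.PasswordSynchronizationEnabled
    LastPasswordSync    = $tenant.LastPasswordSyncTime
    PasswordSyncState   = Test-SyncFreshness $tenant.LastPasswordSyncTime
} | Format-List

# Per-user view: only accounts that originate from the on-premises directory
# carry a LastDirSyncTime; cloud-only accounts are filtered out.
Get-MsolUser -All |
    Where-Object { $_.LastDirSyncTime } |
    Select-Object UserPrincipalName, ImmutableId, LastDirSyncTime,
        @{ Name = 'State'; Expression = { Test-SyncFreshness $_.LastDirSyncTime } } |
    Sort-Object LastDirSyncTime |
    Format-Table -AutoSize
```

Accounts listed with a State of Stale while the tenant-level state is OK were synchronized once but have since dropped out of scope, for example after a change to the domain or OU selection.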