Microsoft Azure Active Directory Connect connects on-premises identity infrastructure with Microsoft Azure Active Directory.
It connects businesses to Azure Active Directory by integrating it with their local directories. It also streamlines the process, so that fewer tools are necessary.
Azure AD Connect Sync is the prime component of Azure AD Connect.
This synchronisation service runs between Active Directory and Azure Active Directory.
Azure Active Directory Connect shrinks the on-premises footprint, as it reduces the need to deploy multiple servers. It includes the following features:
Password Hash Synchronisation
A sign-in method for achieving hybrid identity.
Pass-through Authentication
A sign-in method that allows users to use the same password both on-premises and in the cloud. Moreover, it does not need the additional infrastructure of a federated environment.
Federation Integration
An optional part of Azure Active Directory Connect, used for configuring a hybrid environment.
Synchronisation
This facilitates the creation of groups, users and other objects.
Health Monitoring
It provides robust monitoring, with a centralised location in the Azure portal for viewing this activity.
Installation and Configuration of Azure Active Directory Connect
To install Azure Active Directory Connect, you must have the following prerequisites:
- Windows Server 2012
- .NET Framework 3.5 SP1
- .NET Framework 4.0
- 70 GB HDD
- 4 GB RAM
The server needs internet access, particularly access to the Azure Active Directory Connect service.
Make sure the User Principal Name matches the email address of the user. This will facilitate easy sign-in.
To install the Azure Active Directory Connect service, complete the following steps:
- Download Azure Active Directory Connect.
- Run the installation tool and click Customize if you do not want to synchronise all accounts.
- Choose a sign-in option.
NOTE: Most organisations select Password Hash Synchronisation.
- Click Next.
- To create a synchronisation account in the Office 365 tenant, provide your Office 365 Global Administrator login details.
- To synchronise a single Active Directory, click Add Directory.
- To add the Active Directory connection, use your enterprise administrator login details.
- Click OK.
- Click Next.
- To use Exchange Hybrid immediately, select userPrincipalName.
NOTE: You must run IDFix and align the primary SMTP address value to UPN.
- You can continue without matching the UPN suffixes to the verified domains.
- If you cannot match the value of the User Principal Name with the custom domain and do not plan to use Exchange Hybrid right now, you can use the alternate login ID.
- After you complete the configuration and select all optional features you want to enable, perform the initial synchronisation.
- After the synchronisation, navigate to the Microsoft 365 admin center to check whether the synchronisation has completed.
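The UPN checks mentioned above (UPN matching the email address, and the primary SMTP address aligned to the UPN) can be run before the initial synchronisation. The following PowerShell is an added example, not part of the original post or of Microsoft's tooling; the function name Test-UpnAlignment, the sample accounts and the domain example.com are assumptions made for illustration.

```powershell
# Added example: flags accounts whose UPN does not match the primary SMTP
# address, or whose UPN suffix is not a verified domain.
function Test-UpnAlignment {
    param(
        [Parameter(Mandatory)] [object[]] $Users,
        [Parameter(Mandatory)] [string[]] $VerifiedDomains  # assumption: your tenant's verified domains
    )
    foreach ($u in $Users) {
        $upn = [string]$u.UserPrincipalName
        # The primary address in proxyAddresses carries an upper-case "SMTP:" prefix;
        # secondary aliases use lower-case "smtp:".
        $primary = @($u.proxyAddresses |
            Where-Object { $_ -clike 'SMTP:*' } |
            ForEach-Object { $_.Substring(5) })
        $suffix = ($upn -split '@')[-1]

        $issues = @()
        if ($primary.Count -eq 0)     { $issues += 'no primary SMTP address' }
        elseif ($primary.Count -gt 1) { $issues += 'more than one primary SMTP address' }
        elseif ($primary[0] -ne $upn) { $issues += "primary SMTP is $($primary[0])" }
        if ($suffix -notin $VerifiedDomains) { $issues += "UPN suffix '$suffix' is not a verified domain" }

        [pscustomobject]@{
            SamAccountName    = $u.SamAccountName
            UserPrincipalName = $upn
            Aligned           = ($issues.Count -eq 0)
            Issues            = $issues -join '; '
        }
    }
}

# Constructed sample accounts so the check runs without a domain controller.
$sample = @(
    [pscustomobject]@{ SamAccountName = 'alice'; UserPrincipalName = 'alice@example.com'
                       proxyAddresses = @('SMTP:alice@example.com', 'smtp:a.smith@example.com') }
    [pscustomobject]@{ SamAccountName = 'bob';   UserPrincipalName = 'bob@corp.local'
                       proxyAddresses = @('SMTP:bob@example.com') }
    [pscustomobject]@{ SamAccountName = 'carol'; UserPrincipalName = 'carol@example.com'
                       proxyAddresses = @('smtp:carol@example.com') }
)

# Against a real directory (requires the ActiveDirectory module):
# Test-UpnAlignment -Users (Get-ADUser -Filter * -Properties proxyAddresses) -VerifiedDomains 'example.com'
Test-UpnAlignment -Users $sample -VerifiedDomains 'example.com' |
    Where-Object { -not $_.Aligned } |
    Format-Table -AutoSize
```

Accounts listed in the output are the ones to correct, or to handle with the alternate login ID, before the first synchronisation.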
There are a number of configuration options available, and you must consider them if you have more than basic needs. This blog does not cover all configuration options. We have provided only a few guidelines for installing and configuring Azure Active Directory Connect to support the use of tools like Microsoft Teams.