top of page
Search

Step by Step Installation and Setup of Azure AD Connect

Updated: Feb 20

In this blog, I will be explaining how to configure Azure AD Connect the tool to sync On-prem accounts to the cloud and provide a secure way of accessing resources across both On-prem and Azure AD



What is a Hybrid identity? & Why?


Hybrid identities allow organizations to use the same identity solution for both On-premises and Cloud-based solutions, with hybrid identity users on cloud and On-prem accessing the resources regardless of the location and providing unified authentication and authorization capabilities and accessing applications and underlying data securely.


Azure AD Connect


AAD Connect will help to connect between On-Premises Active directory and the cloud-based Azure Active Directory, this allows for the synchronization of identities from On-prem to Azure and ensures a consistent identity across both platforms.


Prerequisites


You need an Azure AD tenant

Add and verify the Custom Domain

On-Premises Active Directory schema version and forest level must be windows server 2003 or later

For more detailed prerequisites please visit Microsoft Doc: Link


Install and Configure Azure AD Connect


As per the prerequisites I have On-Prem Active Directory and Azure AD Tenant, you can download the latest Azure Ad connect MSI package from this link


Steps to install Azure AD Connect


Download the Azure Ad Connect application -> tap on the MSI package this will pop up user account control -> tap on yes to continue


Azure ad connect application will get installed


Tap on Finish to complete the installation


Once installed you can see the Azure AD connect on the desktop or in start-up -> Double click on Azure AD Connect to configure Azure AD connect.


Steps to configure Azure AD Connect


Tick the box for accepting the license terms and privacy notice -> Tap on Continue



This will take you to the next page and here you will have two options one to use express settings and customize, Custome settings will allow configuring every option where Express Settings will install Azure AD Connect with by default settings, for more details please refer to the Link


In this blog, I will be using express settings


On this page enter the Global Admin account to connect with Azure AD and tap on next



Enter the Enterprise admin account to connect with On-prem AD and tap on next



This will fetch the available UPN Suffix, to add UPN Suffix on the Domain controller please refer to my blog How to Add UPN Suffix Link



You can see my custom domain anandpnair.com and it's been verified, select the option continue without matching all UPN suffixes to the verified domain, and tap on next



This will take you to the ready to configure page, you can select start the synchronization process when the configuration is completed or this can be manually initiated once the installation is completed, click on Install to complete the configuration.



This will configure Azure AD Connect, wait until the configuration gets completed this will take some time



Once it's completed this will provide the complete details and tap on Exit



Search for the application named Synchronization Service Manager, time this will throw the below error, please sign out and sign in and try to open the application this will open connector operation details


By default, the sync time is 30 minutes if you need to initiate sync you can use the below PowerShell commands to initiate a sync

  1. Delta sync modified objects

  2. Initial will initiate a full sync

Login to Azure AD for validating the AD connect sync settings, you can see in my tenant

  1. Sync Status Enabled

  2. Last Sync Less than 1 hour ago

  3. Password Hash Sync Enabled


You can see two Identities as yes under Directory Synced and the rest all as no, the ones highlighted are the On-Prem Identities synced to the cloud using the Azure Ad Connect Sync tool



Conclusion


In conclusion, Azure AD Connect is an essential tool for organizations looking to implement a hybrid identity solution. By following the steps outlined in this guide, you can successfully install and configure Azure AD Connect to synchronize your on-premises Active Directory with Azure Active Directory. This synchronization ensures a unified identity management system, providing seamless access to resources across both environments. With Azure AD Connect, you can enhance security, streamline authentication, and improve the overall efficiency of your IT infrastructure. Make sure to regularly monitor the sync status and validate the settings to maintain a robust and secure hybrid identity environment.


Commenti

2023-02-01_17-26-41.jpg
About Me

Thank you for taking the time to visit my website. My name is Anand P, and I work as a Senior Engineer in IT. This blog is dedicated to providing articles on various Microsoft technologies such as Intune, Azure AD, Microsoft Defender for Endpoint, Azure, EMS, M365, Security, and more. Most of the content on this blog is based on the solutions and issues I encounter in my everyday work, and I use this platform as a technical notebook to keep track of my findings. Please note that any views expressed in my posts on this site are solely my own. Also, any code, scripts, demos, or examples provided in the blog posts are only for illustration. I hope you find my blog posts informative and useful.

Never Miss a Post. Subscribe Now!

Thanks for submitting!

  • LinkedIn
  • YouTube

Copyright © 2024 by Cloud Tek Space.

bottom of page