
How to Sync On-premise AD with Windows Azure AD using Azure AD Connect tool


Azure AD is a service that provides identity and access management capabilities in the cloud. It can be integrated with an existing on-premise AD to give users single sign-on access to cloud applications, so it is essential for organizations to keep the credentials in the on-premise AD and Azure AD in sync. The Azure Active Directory Connect tool addresses this by providing one-way synchronization from on-premise AD to Azure AD.



Prerequisites:

  • Windows Server 2008 R2 SP1 or higher
  • Only the 64-bit version is supported
  • .NET Framework 3.5 SP1 and .NET Framework 4.0
  • Install the Active Directory Domain Services role on your local machine and promote it to a Domain Controller


Test Lab Environment:

  • Active subscription for Azure Active Directory
  • On-premise AD server (Windows Server 2012)
  • Azure AD Connect tool

Synchronizing on-premise AD to Azure AD involves the following steps:

1. Create Azure AD and Activate Azure AD Connect

  • Log in to the Azure management console.
  • In the bottom-left corner of the menu, click "New".
  • On the page that opens, navigate to NEW > APP SERVICES > ACTIVE DIRECTORY > DIRECTORY and click CUSTOM CREATE as shown below.


  • Provide the name for your directory, choose your domain name and the country of your choice.


  • Now the Azure Active Directory has been created successfully.
  • To activate the Directory Sync for the created AD, from the left pane select Active Directory, then in the Active Directory page, click the Azure AD and select the DIRECTORY INTEGRATION tab. Then click ACTIVATED and finally click SAVE to confirm the changes.

  • Now Azure AD Sync has been activated successfully.

2. Download and Install the Azure AD Connect tool in on-premise AD

  • Log in to the Windows Azure management console from your base machine.
  • In the DIRECTORY INTEGRATION menu of your Azure AD, scroll to the bottom section and download the Azure AD Connect tool as shown below.



After downloading the Azure AD Sync tool, proceed with the installation steps as shown below.

  • Agree to the license agreement and privacy rules, then click Continue.


  • Choose between an express installation and a customized installation. In this blog, I will be using the customized installation.

  • Provide the credentials of a user account with administrator permissions in the on-premise AD to grant permission to install the Azure AD Connect synchronization service, then click Install.

  • Select the single sign-on method for user sign-in as below and click Next.




  • Connect to Azure Active Directory by providing the credentials of a global admin user that already exists in the directory, then click Next.

  • Enter the connection information for your on-premise directory or forests and click Add Directory.


  • Since we do not have a verified custom domain, select the check box "continue without verified domains" (users will not be able to use on-premise credentials for Azure AD sign-in) and click Next.


  • In the next dialog box, you are given the option to sync all domains or only selected domains.
  • Select the domain of your choice and click Next.


  • Select how the users should be identified in your on-premise directory and click Next.


  • Within the selected domain, you can further choose whether to include all users and groups or only a selected group and its users.
  • I typed in my group name, azure, and clicked Resolve to have the parameters below auto-populated.
  • Click Next.


  • Select other enhanced functionality if required by your organization and click Next.


  • The Azure AD Connect tool is now ready to synchronize the on-premise AD with Azure AD. Click Install to complete the process.

  • The configuration is now complete, and you can verify in your Azure AD that the user accounts have been created.


Below are the two users that were created and added to the azure group for demo purposes.



To confirm the sync between the on-premise AD and Azure AD, log in to the Windows Azure management console and navigate to Active Directory > Azure AD > Users. The Users list confirms that the user accounts created in the on-premise AD are synchronized with Windows Azure AD, as shown below.
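
A scripted version of this check, as an added example that is not part of the original post: it compares the direct members of the filtering group with the synced accounts in Azure AD by ImmutableId, because without a verified domain the cloud sign-in names will not match the on-premise ones. It assumes objectGUID was kept as the source anchor in the user identification step; the function names, the sample accounts and the contoso tenant name are constructed for illustration.

```powershell
# Added example: audit which accounts Azure AD Connect synced versus the filtering group.
function Get-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # Assumption: objectGUID is the source anchor, so ImmutableId is base64 of the GUID bytes.
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function Compare-SyncScope {
    param(
        [Parameter(Mandatory)][object[]]$OnPremMembers,  # SamAccountName, ObjectGUID
        [Parameter(Mandatory)][object[]]$CloudUsers      # UserPrincipalName, OnPremisesImmutableId
    )
    # Base64 is case-sensitive, so use ordinal collections instead of @{} (case-insensitive).
    $expected = [System.Collections.Generic.Dictionary[string,string]]::new()
    $seen     = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($m in $OnPremMembers) { $expected[(Get-ImmutableId $m.ObjectGUID)] = $m.SamAccountName }

    foreach ($c in $CloudUsers) {
        if (-not $c.OnPremisesImmutableId) { continue }   # cloud-only account, never synced
        [void]$seen.Add($c.OnPremisesImmutableId)
        if (-not $expected.ContainsKey($c.OnPremisesImmutableId)) {
            # Synced from on-premise although not a member of the filtering group
            [pscustomobject]@{ Finding = 'SyncedOutsideGroup'; Account = $c.UserPrincipalName }
        }
    }
    foreach ($id in $expected.Keys) {
        if (-not $seen.Contains($id)) {
            # Group member that has no matching synced account in the cloud
            [pscustomobject]@{ Finding = 'MissingInAzureAD'; Account = $expected[$id] }
        }
    }
}

# Constructed sample data so the comparison runs offline. Against a live environment use:
#   $onPrem = Get-ADGroupMember -Identity 'azure' | Where-Object objectClass -eq 'user'
#   Connect-MgGraph -Scopes 'User.Read.All'
#   $cloud  = Get-MgUser -All -Property UserPrincipalName,OnPremisesImmutableId
$g1, $g2, $g3 = 1..3 | ForEach-Object { [guid]::NewGuid() }
$onPrem = @(
    [pscustomobject]@{ SamAccountName = 'demo1'; ObjectGUID = $g1 }
    [pscustomobject]@{ SamAccountName = 'demo2'; ObjectGUID = $g2 }
)
$cloud = @(
    [pscustomobject]@{ UserPrincipalName = 'demo1@contoso.onmicrosoft.com'; OnPremisesImmutableId = (Get-ImmutableId $g1) }
    [pscustomobject]@{ UserPrincipalName = 'svc-backup@contoso.onmicrosoft.com'; OnPremisesImmutableId = (Get-ImmutableId $g3) }
    [pscustomobject]@{ UserPrincipalName = 'admin@contoso.onmicrosoft.com'; OnPremisesImmutableId = $null }
)
Compare-SyncScope -OnPremMembers $onPrem -CloudUsers $cloud | Format-Table -AutoSize
```

Accounts reported as SyncedOutsideGroup are worth reviewing first, since group filtering was meant to limit what leaves the on-premise directory.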


We have now synchronized the on-premise AD with Windows Azure AD using the Azure AD Connect tool.







