06 Sep

How to Sync On-premise AD with Windows Azure AD using Azure AD Connect tool

 

Azure AD is a service that provides identity and access management capabilities in the cloud. It can be integrated with an existing on-premise AD to give users single sign-on access to cloud applications. For this to work, organizations need to keep the credentials in on-premise AD and Azure AD in sync. The Azure Active Directory Connect tool solves this by providing one-way synchronization from on-premise AD to Azure AD.

 

Prerequisites

  • Windows Server 2008 R2 SP1 or higher
  • Only the 64-bit version is supported
  • .NET Framework 3.5 SP1 and .NET Framework 4.0
  • Install Active Directory Domain Services role on your local machine and promote it to a Domain Controller

 

Test Lab Environment:

  • Active subscription for Azure Active Directory
  • On-premise AD server (Windows Server 2012)
  • Azure AD connect tool

Synchronizing on-premise AD to Azure AD involves the following steps:

1. Create Azure AD and Activate Azure AD Connect

  • Log in to the Azure management console.
  • At the bottom left of the menu, click "New".
  • A new page opens. Navigate to NEW > APP SERVICES > ACTIVE DIRECTORY > DIRECTORY and click CUSTOM CREATE as shown below:

 

http://www.ecanarys.com/sites/default/files/rakesh.av-546/1.png

 

  • Provide the name for your directory, choose your domain name and the country of your choice.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/2.png

 

  • Now the Azure Active Directory has been created successfully.
  • To activate Directory Sync for the new directory, select Active Directory in the left pane, click the Azure AD you created on the Active Directory page, and select the DIRECTORY INTEGRATION tab. Then click ACTIVATED and finally click SAVE to confirm the changes.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/3.png

  • Now Azure AD Sync has been activated successfully.

2. Download and Install Azure AD Connect tool in on-premise AD

  • Log in to the Windows Azure management console from your base machine.
  • In the DIRECTORY INTEGRATION menu of your Azure AD, scroll to the bottom section and download the Azure AD Connect tool as shown below:

http://www.ecanarys.com/sites/default/files/rakesh.av-546/4.png

 

 

After downloading the Azure AD Sync tool, proceed with the installation steps as shown below:

  • Agree to the license agreement and privacy terms, then click Continue.

 

http://www.ecanarys.com/sites/default/files/rakesh.av-546/5.png

 

  • Choose between an express installation and a customized installation. In this blog, I will be using the customized installation.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/6.png

  • Provide the credentials of a user account with administrator permissions in the on-premise AD, which grants permission to install the Azure AD Connect synchronization service, and click Install.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/7.png

  • Select the single sign-on method for user sign-in as shown below and click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/8.png

 

 

 

  • Connect to Azure Active Directory by providing the credentials of a global admin user that already exists in the directory, and click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/9.png

  • Enter the connection information for your on-premise directory or forests and click Add Directory.

 

http://www.ecanarys.com/sites/default/files/rakesh.av-546/10.png

 

  • Since we do not have a verified custom domain, select the check box to continue without verified domains (users will not be able to use on-premise credentials for Azure AD sign-in) and click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/11.png

 

  • In the next dialog box, you can choose to sync all domains or only selected domains.
  • Select the domain of your choice and click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/12.png

 

  • Select how the users should be identified in your on-premise directory and click Next.

 

http://www.ecanarys.com/sites/default/files/rakesh.av-546/13.png

 

  • Within the selected domain, you can further choose whether to include all users and groups or only selected groups and users.
  • I have typed in my group name azure and clicked on Resolve to have the below parameters auto-populated.
  • Click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/14.png

 

  • Select other enhanced functionality if required by your organization and click Next.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/15.png

 

  • The Azure AD Connect tool is now ready to synchronize the on-premise AD with Azure AD. Click Install to complete the process.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/16.png

  • The configuration is now complete, and you can verify in your Azure AD that the user accounts have been created.

http://www.ecanarys.com/sites/default/files/rakesh.av-546/17.png

 

Below are the two users that were created and added to the azure group for demo purposes:

http://www.ecanarys.com/sites/default/files/rakesh.av-546/18.png

 

 

To confirm the sync between on-premise AD and Azure AD, log in to the Windows Azure management console and navigate to Active Directory > Azure AD > Users. In the Users list, I can now confirm that the user accounts created in on-premise AD are synchronized with Windows Azure AD as shown below:

 

http://www.ecanarys.com/sites/default/files/rakesh.av-546/19.png

 

Hereby we have synchronized the on-premise AD with Windows Azure AD using Azure AD Connect tool. 
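
A scripted version of the confirmation step above, as an added example that is not part of the original post: it compares the direct members of the filtering group with the accounts Azure AD reports as synced, so an account that reaches the cloud outside the intended scope, or one that never arrived, shows up in a report. It is PowerShell using the ActiveDirectory, ADSync and Microsoft Graph modules instead of the portal; the group name azure comes from the post, while the default objectGUID source anchor and an Azure AD Connect build that includes the built-in scheduler are assumptions.

```powershell
# Added example, not from the original post. Run on the Azure AD Connect server.
# Assumed: ActiveDirectory, ADSync and Microsoft.Graph.Users modules are installed,
# and 'azure' is the filtering group entered in the wizard.
Import-Module ActiveDirectory, ADSync, Microsoft.Graph.Users
$GroupName = 'azure'

# 1. Scheduler health: sync cycles enabled and the server not in staging mode.
$sched = Get-ADSyncScheduler
if (-not $sched.SyncCycleEnabled -or $sched.StagingModeEnabled) {
    Write-Warning "Changes are not being exported: SyncCycleEnabled=$($sched.SyncCycleEnabled), StagingModeEnabled=$($sched.StagingModeEnabled)"
}

# 2. Expected scope: direct user members of the filtering group (group filtering
#    does not resolve nested groups). Assumption: the default source anchor,
#    objectGUID, was kept, so the cloud ImmutableId is its Base64 encoding.
$expected = [System.Collections.Generic.Dictionary[string,string]]::new()
Get-ADGroupMember -Identity $GroupName |
    Where-Object { $_.objectClass -eq 'user' } |
    ForEach-Object {
        $anchor = [Convert]::ToBase64String($_.objectGUID.ToByteArray())
        $expected[$anchor] = $_.SamAccountName
    }

# 3. Actual scope: cloud accounts that Azure AD marks as synced from on-premises.
Connect-MgGraph -Scopes 'User.Read.All'
$props  = 'userPrincipalName', 'onPremisesImmutableId', 'onPremisesSyncEnabled', 'onPremisesLastSyncDateTime'
$synced = Get-MgUser -All -Property $props |
    Where-Object { $_.OnPremisesSyncEnabled -and $_.OnPremisesImmutableId }

# 4. Report drift in both directions (case-sensitive match on the Base64 anchor).
$seen   = [System.Collections.Generic.HashSet[string]]::new()
$report = [System.Collections.Generic.List[object]]::new()
foreach ($c in $synced) {
    [void]$seen.Add($c.OnPremisesImmutableId)
    if (-not $expected.ContainsKey($c.OnPremisesImmutableId)) {
        $report.Add([pscustomobject]@{ Status = 'SyncedButNotInGroup'; Account = $c.UserPrincipalName
                                       LastSync = $c.OnPremisesLastSyncDateTime })
    }
}
foreach ($anchor in $expected.Keys) {
    if (-not $seen.Contains($anchor)) {
        $report.Add([pscustomobject]@{ Status = 'InGroupButNotSynced'; Account = $expected[$anchor]
                                       LastSync = $null })
    }
}
$report | Sort-Object Status, Account | Format-Table -AutoSize
```

An empty report means the synced accounts match the group exactly; `Start-ADSyncSyncCycle -PolicyType Delta` forces a sync cycle if a recent membership change has not been exported yet.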

 

 

 

  

 

 


Comments

The date on this article at the top left says "06 Sep". It would be very helpful to know the year that this article was written, to determine how current the information is. Thanks in advance, David Kreimer
4/20/2020 1:05:16 PM | Reply
Thanks for sharing active directory management tips. For more info I refer cion systems active directory management in USA.
1/26/2020 1:29:00 PM | Reply
