Integrating your on-premises directories with Azure AD makes your users more productive by providing a common identity for accessing both cloud and on-premises resources. Users and organizations can take advantage of:

  • A single identity that users can use to access on-premises applications and cloud services such as Office 365.
  • A single tool that provides an easy deployment experience for synchronization and sign-in.

What’s Azure AD Connect?

  • Password hash synchronization – A sign-in method that synchronizes a hash of a user's on-premises AD password with Azure AD.
  • Pass-through authentication – A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn’t require the additional infrastructure of a federated environment.
  • Federation integration – Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
  • Synchronization – Responsible for creating users, groups, and other objects, and for making sure that identity information for your on-premises users and groups matches the cloud. This synchronization also includes password hashes.
  • Health Monitoring – Azure AD Connect Health provides robust monitoring and a central location in the Azure portal to view this activity.

Step-by-Step to Install Azure AD Connect

  • Download Azure AD Connect from the Microsoft Download Center
  • Or log in to the Azure portal
  • Go to Azure Active Directory, navigate to Azure AD Connect, and download the AD Connect tool from there
  • Launch the AzureADConnect.msi that you downloaded in the previous step
  • Once you have chosen the server, begin the installation. You will choose between Express and Custom installation. This post covers Express settings.
  • Enter your Azure AD global administrator credentials and click Next – this account is only needed for configuring AAD Connect.
  • Enter the Active Directory Domain Services enterprise administrator credentials and click Next – this account is only needed for configuring AAD Connect.
  • If you see the Azure AD Sign-in configuration page, review any domains not listed as Verified and verify them in Azure AD before continuing.
  • Select the option to start the synchronization process when the configuration completes
  • Any errors or action items will be listed in the Configuration complete page. Click Exit to complete setup.
  • When you log into your Azure AD tenant and select Users, you should see new synchronized user accounts indicating that sync is working as expected.
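
As an added check that is not part of the original post, the PowerShell below can be run in an elevated session on the Azure AD Connect server to confirm the scheduler state and trigger a delta sync, using the ADSync module that is installed with the tool. The function name `Test-AadConnectSync` and the timeout value are assumptions made for this example.

```powershell
# Added example: run on the server where Azure AD Connect was installed.
Import-Module ADSync -ErrorAction Stop

function Test-AadConnectSync {
    [CmdletBinding()]
    param(
        [int]$TimeoutSeconds = 600   # assumed upper bound for one delta cycle
    )

    $scheduler = Get-ADSyncScheduler

    if ($scheduler.StagingModeEnabled) {
        # A staging server imports and synchronizes but never exports to Azure AD.
        Write-Warning 'Staging mode is enabled; changes are not exported to Azure AD.'
    }

    if (-not $scheduler.SyncCycleEnabled) {
        Write-Warning 'The sync scheduler is disabled; no cycle was started.'
    }
    elseif (-not $scheduler.SyncCycleInProgress) {
        # Delta = process only changes since the last cycle.
        Start-ADSyncSyncCycle -PolicyType Delta | Out-Null
    }

    # Poll until the running cycle finishes or the timeout is reached.
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        Start-Sleep -Seconds 10
        $scheduler = Get-ADSyncScheduler
    } while ($scheduler.SyncCycleInProgress -and (Get-Date) -lt $deadline)

    [pscustomobject]@{
        SyncCycleEnabled   = $scheduler.SyncCycleEnabled
        StagingModeEnabled = $scheduler.StagingModeEnabled
        CycleFinished      = -not $scheduler.SyncCycleInProgress
        NextCycleUtc       = $scheduler.NextSyncCycleStartTimeInUTC
        Connectors         = (Get-ADSyncConnector).Name
    }
}

Test-AadConnectSync
```

With Express settings, the `Connectors` list is expected to contain one entry for the on-premises forest and one for the Azure AD tenant.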

