Integrating your on-premises directories with Azure AD makes your users more productive by providing a common identity for accessing both cloud and on-premises resources. Users and organizations can take advantage of the following:
- A single identity that users can use to access on-premises applications and cloud services such as Office 365.
- A single tool that provides an easy deployment experience for synchronization and sign-in.
What’s Azure AD Connect?
- Password hash synchronization – A sign-in method that synchronizes a hash of a user's on-premises AD password with Azure AD.
- Pass-through authentication – A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn’t require the additional infrastructure of a federated environment.
- Federation integration – Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and additional AD FS server deployments.
- Synchronization – Responsible for creating users, groups, and other objects, as well as making sure identity information for your on-premises users and groups matches the cloud. This synchronization also includes password hashes.
- Health Monitoring – Azure AD Connect Health provides robust monitoring and a central location in the Azure portal to view this activity.
Step-by-Step to Install Azure AD Connect
- You can download Azure AD Connect from the Microsoft Download Center
- Or log in to the Azure portal
- Go to Azure Active Directory, navigate to Azure AD Connect, and download the AD Connect tool from there
- Launch the AzureADConnect.msi that you downloaded in the previous step
- Once you have chosen the server, begin the installation. You will choose between Express and Custom installation. This post covers Express settings.
- Enter your Azure AD global administrator credentials and click Next – this account is only needed for configuring AAD Connect.
- Enter the Active Directory Domain Services enterprise administrator credentials and click Next – this account is only needed for configuring AAD Connect.
- If you see the Azure AD Sign-in configuration page, review any domains not listed as Verified and verify them in Azure AD before continuing.
- Select the synchronization process when the configuration completes
- Any errors or action items will be listed in the Configuration complete page. Click Exit to complete setup.
- When you log into your Azure AD tenant and select Users, you should see new synchronized user accounts indicating that sync is working as expected.
- You can also begin assigning licenses to users in Azure at this time.
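
The sync check in the last steps can also be done from the server itself. The script below is an added example, not part of the original post: it assumes the ADSync PowerShell module that Azure AD Connect installs on the server, and the function name `Test-AadConnectSync` and its timeout parameter are hypothetical. It reports scheduler states that would stop accounts from appearing in the tenant, then requests a delta sync cycle and waits for it to finish.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell
# session on the server where Azure AD Connect was installed.
Import-Module ADSync -ErrorAction Stop

function Test-AadConnectSync {   # hypothetical helper name
    param([int]$TimeoutSeconds = 600)

    $scheduler = Get-ADSyncScheduler
    $problems  = @()

    # Conditions under which no new users will show up in the Azure AD tenant
    if (-not $scheduler.SyncCycleEnabled) {
        $problems += 'Scheduler is disabled: no automatic sync cycles will run.'
    }
    if ($scheduler.StagingModeEnabled) {
        $problems += 'Staging mode is enabled: changes are not exported to Azure AD.'
    }
    if ($scheduler.SchedulerSuspended) {
        $problems += 'Scheduler is suspended.'
    }
    if ($problems.Count -gt 0) {
        $problems | ForEach-Object { Write-Warning $_ }
        return $false
    }

    # Request a delta cycle unless one is already running
    if (-not $scheduler.SyncCycleInProgress) {
        Start-ADSyncSyncCycle -PolicyType Delta | Out-Null
    }

    # Poll the scheduler until the cycle ends or the timeout expires
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    do {
        Start-Sleep -Seconds 10
        $scheduler = Get-ADSyncScheduler
    } while ($scheduler.SyncCycleInProgress -and (Get-Date) -lt $deadline)

    if ($scheduler.SyncCycleInProgress) {
        Write-Warning "Sync cycle still running after $TimeoutSeconds seconds."
        return $false
    }
    Write-Host "Sync cycle finished. Next cycle (UTC): $($scheduler.NextSyncCycleStartTimeInUTC)"
    return $true
}

Test-AadConnectSync
```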