Azure AD Connect - Cloud Provisioning

Azure AD Connect cloud provisioning meets the needs of hybrid management. This functionality offers the following advantages.

  • Synchronizing to Azure AD from a disconnected Active Directory forest in a multi-forest environment. The disconnected Active Directory forest is isolated from the Active Directory forest that is already synchronized.
  • Simplified installation with agents. The agents act as a bridge between Active Directory and Azure AD. The synchronization configuration is managed in the cloud.
  • Several provisioning agents can be used for high availability.

Install AAD Connect cloud provisioning agent

From the Azure AD portal http://aad.portal.azure.com, click Azure AD Connect, then Manage provisioning.

Click Download agent to download the agent's installation file.

A new window appears; click Accept terms & Download.

The AAD agent can now be downloaded.

Run the previously downloaded file. A wizard appears; check I agree to the licence terms and privacy notice and click Install.

The installation is in progress. If you install the agent on a domain controller, you may encounter a permission problem: the service will not start and an error appears during installation. Change the account used by the service to an administrator account, then click Retry in the installation wizard.

Configure services

When the installation is finished, a new window appears. Enter the credentials of the Azure global admin account or of a user with delegated rights.

Select your Active Directory forest and click on Add Directory.

Enter the credentials of the Active Directory user. My user does not have administrative rights. I only granted it the Replicating Directory Changes and Replicating Directory Changes All rights at the root of the domain (necessary for synchronizing the password hash).

The configuration is now complete; click Confirm.

Click on Exit when configuration is finished.

In the Azure AD portal, click Review all agents to see all installed agents.

The list of agents appears.
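
The Active Directory account entered in the wizard above holds Replicating Directory Changes and Replicating Directory Changes All at the domain root, rights that allow their holder to read password hashes, so it is worth knowing exactly which principals have them. The PowerShell script below is an added example, not part of the original post: it lists every principal granted those rights on the domain root and checks that the sync account has both without being in an administrative group. The account name CONTOSO\svc-aadcloudsync is a hypothetical placeholder, and the script assumes the RSAT ActiveDirectory module is installed.

```powershell
# Added example (not from the original post). Requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

# Hypothetical account name: replace with the account entered in the agent wizard.
$syncAccount = 'CONTOSO\svc-aadcloudsync'

# Control access right GUIDs defined by the AD schema (identical in every forest).
# The empty GUID matches ACEs that grant all extended rights, replication included.
$rights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'Replicating Directory Changes All'
    '00000000-0000-0000-0000-000000000000' = 'All extended rights'
}
$required = 'Replicating Directory Changes', 'Replicating Directory Changes All'
$extended = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight

# Read the ACL on the domain root, where the post grants the two rights.
$domainDn = (Get-ADDomain).DistinguishedName
$acl = Get-Acl -Path "AD:\$domainDn"

$holders = $acl.Access | Where-Object {
    $_.AccessControlType -eq 'Allow' -and
    (($_.ActiveDirectoryRights -band $extended) -eq $extended) -and
    $rights.ContainsKey($_.ObjectType.ToString())
} | ForEach-Object {
    [pscustomobject]@{
        Principal = $_.IdentityReference.Value
        Right     = $rights[$_.ObjectType.ToString()]
        Inherited = $_.IsInherited
    }
}

# Every principal that can replicate directory data: review this list regularly.
$holders | Sort-Object Principal, Right -Unique | Format-Table -AutoSize

# Check 1: the sync account holds both rights the post grants.
$granted = @($holders | Where-Object Principal -eq $syncAccount).Right
$missing = $required | Where-Object { $_ -notin $granted }
if ($missing) { Write-Warning "$syncAccount is missing: $($missing -join ', ')" }

# Check 2: the sync account is not also in a built-in administrative group.
$sam = $syncAccount.Split('\')[-1]
$adminGroups = 'Domain Admins', 'Enterprise Admins', 'Administrators'
$memberOf = (Get-ADPrincipalGroupMembership -Identity $sam).Name
$hits = $memberOf | Where-Object { $_ -in $adminGroups }
if ($hits) { Write-Warning "$syncAccount is a member of: $($hits -join ', ')" }
```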

Create new configuration

From the Azure AD portal, click Azure AD Connect, then Manage provisioning.

Click New configuration to create a new configuration.

A new window appears; click All users to change the scope. It is possible to synchronize all users, selected organizational units, or selected security groups. I choose to synchronize security groups, so I check Selected security groups.

Enter an email address to receive a notification if provisioning is not healthy. Click Enabled to enable the configuration, then click Save.

The configuration has been applied.
