Azure AD Connect – Connecting your infrastructure to the cloud

With the current direction the industry is heading, more and more IT environments are moving to cloud solutions. This means you need to use additional tools to keep your cloud and on-premise environments in sync to create a true Single Sign-On solution. In this article, we will be reviewing sync features of one specific tool used to keep your on-prem Windows Active Directory synced with Azure Active Directory. Introducing, Azure AD Connect. Microsoft has recently released a new version of this tool, now with additional options to help filter and sync only the attributes you need. Let’s dig in!

Filtering – Filtering is an option that can be used to limit which objects are synchronized with the cloud. By default all users, contacts, groups, and Win10 computers are synced, but you can change the filtering based on domains, OUs, or attributes. This is extremely useful when you only need to sync some users or groups to the cloud. This is one of the best features that has been added and allows for maximum syncing flexibility.

Password synchronization – Password synchronization syncs the password hash used in AD to Azure AD. The user gets to keep, and use, the same password in the cloud that they use on-prem. Since AD is used as the authority when syncing, you can also enforce your own password policy.

Password writeback – Password writeback allows users to change and reset their password in the cloud and have it synced back to on-prem. This allows users to easily manage their own passwords even when working remotely from a different network.

Device writeback – Device writeback allows a device to be registered in Azure AD to be written back to the on-prem AD so it can be used for conditional access.

Prevent accidental deletes – “Prevent accidental deletes” is a feature that is enabled by default and protects your cloud directory from numerous concurrent deletes. By default, it allows 500 deletes per run but can change this setting depending on your organization’s size.

Automatic upgrade – Automatic upgrade is also enabled by default for an express installation. It ensures your AD Azure Connect is always up to date.

In conclusion, the syncing features offered with Azure AD Connect make it a powerful tool that can be used to keep your environments in sync. If any of the features mentioned above are something you’d like to know more about, visit here for more information about Azure AD Connect setup, configuration, and deployment.