Thursday, February 05, 2015
One of the many things that I learned this week, while attending System Center Universe 2015 and the DFW System Management User Group (DFWSMUG) day-after event, was the upcoming Azure AD Connect feature. Microsoft's Azure AD Connect is a single tool for connecting Windows Server Active Directory and Azure Active Directory. What does this mean for you?
Currently, connecting your on-premises environment to your Azure cloud or tenant requires multiple steps and configurations. As you may know, this is not always a seamless and pain-free implementation. Each of these tools has its own special headaches, from deciding which tool to use and where to locate it, to configuring and connecting everything up. Good grief, the process is endless.
Microsoft has now developed a single tool for connecting Windows Server Active Directory and Azure Active Directory. No longer do you need to deal with all the separate tools such as DirSync, AAD Connect, AAD Sync, ADFS, etc.
4 clicks and no new hardware sounds pretty good to me, and I know that will make my clients and their admins quite happy.
Microsoft recommends the following setup for the Single Sign On with ADFS option:
Active Directory domain
- Windows Server 2008 or higher DC (a 2003 forest functional level, FFL, is OK)
- At least one DC with OS version Windows Server 2012 or higher (to support the group Managed Service Account we create for AD FS)
- The machine on which the wizard is run (and sync will be configured) must be running Windows Server 2008 R2, 2012 or 2012 R2 and must be domain joined
- The intended AD FS and/or Web Application Proxy machines must be running Windows Server 2012 R2
Gather your credentials and your certificates and you are ready to get started.
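A pre-flight check for the prerequisites listed above, as an added PowerShell example (not Microsoft's code and not part of the original post). It assumes the ActiveDirectory RSAT module is installed on the intended sync host; `$AdfsHosts` and the helper function names are hypothetical.

```powershell
# Added example: pre-flight check for the AD FS single sign-on prerequisites.
# $AdfsHosts (hypothetical parameter): names of the intended AD FS / WAP machines.
param([string[]]$AdfsHosts = @())

Import-Module ActiveDirectory   # assumption: RSAT AD module is present on this host

# Turn an AD "6.3 (9600)" style version string into a [version] (major.minor).
function ConvertTo-OsVersion([string]$Text) { [version]($Text -replace '\s*\(.*$', '') }

function New-Check([string]$Name, [bool]$Passed, [string]$Detail) {
    New-Object psobject -Property @{ Check = $Name; Passed = $Passed; Detail = $Detail }
}

$checks = @()

# Sync host: Windows Server 2008 R2 (6.1), 2012 (6.2) or 2012 R2 (6.3), domain joined.
$os = Get-WmiObject -Class Win32_OperatingSystem
$cs = Get-WmiObject -Class Win32_ComputerSystem
$v  = [version]$os.Version
$isServer = $os.ProductType -ne 1          # 1 = workstation SKU
$checks += New-Check 'Sync host OS is 2008 R2 / 2012 / 2012 R2' `
    ($isServer -and $v.Major -eq 6 -and $v.Minor -ge 1 -and $v.Minor -le 3) $os.Caption
$checks += New-Check 'Sync host is domain joined' $cs.PartOfDomain $cs.Domain

# Forest functional level: 2003 is enough; the interim mode is treated as too old (assumption).
$forest = Get-ADForest
$tooOld = @('Windows2000Forest', 'Windows2003InterimForest')
$checks += New-Check 'Forest functional level is 2003 or higher' `
    ($tooOld -notcontains "$($forest.ForestMode)") "$($forest.ForestMode)"

# DCs: "2008 or higher" is read here as applying to every DC (assumption);
# at least one must be 2012 (6.2) or higher for the group Managed Service Account.
$dcVersions = @(Get-ADDomainController -Filter * |
    ForEach-Object { ConvertTo-OsVersion $_.OperatingSystemVersion })
$below2008 = @($dcVersions | Where-Object { $_ -lt [version]'6.0' })
$has2012   = @($dcVersions | Where-Object { $_ -ge [version]'6.2' })
$checks += New-Check 'Every DC is Windows Server 2008 or higher' ($below2008.Count -eq 0) "$($dcVersions.Count) DC(s) found"
$checks += New-Check 'At least one DC is 2012 or higher (gMSA)' ($has2012.Count -gt 0) "$($has2012.Count) DC(s)"

# Intended AD FS / Web Application Proxy machines must be Windows Server 2012 R2 (6.3).
foreach ($name in $AdfsHosts) {
    $c = Get-ADComputer -Filter "Name -eq '$name'" -Properties OperatingSystem, OperatingSystemVersion
    $ok = $c -and $c.OperatingSystemVersion -and
          ((ConvertTo-OsVersion $c.OperatingSystemVersion) -eq [version]'6.3')
    $checks += New-Check "AD FS/WAP host $name is 2012 R2" ([bool]$ok) "$($c.OperatingSystem)"
}

$checks | Select-Object Check, Passed, Detail | Format-Table -AutoSize
```

Any row with `Passed` set to `False` points at a prerequisite to resolve before launching the wizard.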
The actual 4-step instructions are as follows:
- Log in to your intended sync host with an AD account.
- Execute the file AzureADConnect.msi.
- Step through the wizard.
- When you have completed the wizard experience, you should be able to perform a sign-on to the Office 365 portal using your test AD user account.
So that is all you will need to experience the new way of connecting your on-premises network with your Azure AD tenant. This is the future according to Microsoft. I personally cannot wait to set this up and see how much easier life becomes by eliminating all the underlying plumbing that connects my clients to "The Azure Cloud".
"Please note there will no longer be separate releases of Azure AD Sync and Azure AD Connect. And we have no future releases of DirSync planned. Azure AD Connect is now your one stop shop for sync, sign on and all combinations of hybrid connections." (Source: Microsoft)
Want to learn more? Check out Microsoft's Azure Active Directory Connect Home.
Thanks for stopping by.