Designing an Identity Strategy
Managing Identity Sync
The course is part of these learning paths
If your organization uses Active Directory (AD) for its identity management, and you would like to use those identities in Azure or Microsoft 365, then you will need to implement Azure Active Directory Connect.
This course is divided into three sections. The first section is on designing an identity strategy. In this section, we'll look at our AD identities and consider what work needs to be done and what we need to think about ahead of time. The second section is on implementing identity synchronization using AD Connect. We will consider what needs to be synced and what authentication options are available. In the last section, we'll look at managing identity synchronization using Azure AD Connect. We'll look at what it takes to manage and sync and reconfigure options after AD Connect has been initially configured.
- Design a hybrid identity solution
- Implement Azure Active Directory Connect
- Manage synchronized identities
- Azure administrators
- Microsoft 365 administrators
- Basic understanding of Active Directory and Office 365
- To do the examples yourself, you will need an on-premises Active Directory structure and an Azure subscription
So next up in our run of demos, we're going to look at password hash sync and how we go about configuring that after we've done our initial configuration. One of the great features of Azure AD Connect is that we can go back into the configuration wizard once it's configured and change that configuration if we suddenly decide we want something turned on or off afterwards.
For example, if we want password hash sync turned on we could do this by going to the start menu on the box that has Azure AD Connect configured and click on Azure AD Connect there so this will run up the configuration wizard like we saw when we did the initial configuration. If we click on configure, we have a set of selections here that we can go through like customize synchronization options and if we go into that, click Next, it will ask us for the details of a global administrator, it will take us through similar options that we had when we initially configured it. So, I'm going to leave this set as it is and then click on Next, and interestingly enough we've got an option here to reconfigure the OUs that are synchronized so we could have used this to add in our service accounts OU that we did earlier but I'm going to leave that blank and click on Next.
So here in the optional features window we've got password hash sync here as well as password writeback and directory extension attribute sync, etcetera and we can select any of these and go ahead and configure them but I'm just going to leave password hash synchronization configured here because that's what I'm interested in so I just go to Next and it will check for the installed components and then right at the end I can click on Configure and that will go away and start synchronizing those passwords in the background. Once that configuration is done we simply need to click on Exit to close out the installation wizard.
Matt is a freelance system administrator with over 20 years of experience in IT. His current focus is on the great features of Microsoft Azure and Office 365. He’s always had a fascination for anything techie and loves learning and sharing that knowledge.