image
Where Our Identities are Mastered

Contents

Introduction
1
Introduction
PREVIEW2m 39s
Summary
14
Summary
54s

The course is part of these learning paths

MS-102 Exam Prep: Microsoft 365 Administrator
17
3
1
Managing User Identity and Roles in Microsoft 365 - Level 2
3
Implementing and Managing Identity and Access in Microsoft 365 - Level 2
9
SC-300 Exam Prep: Microsoft Identity and Access Administrator
16
1
3
1
MS-500 Exam Preparation: Microsoft 365 Security Administration
38
17
3
1
MS-100 Exam Preparation: Microsoft 365 Identity and Services
29
1
4
more_horizSee 3 more
Start course
Overview
Difficulty
Advanced
Duration
27m
Students
2421
Ratings
4.7/5
starstarstarstarstar-half
Description

If your organization uses Active Directory (AD) for its identity management, and you would like to use those identities in Azure or Microsoft 365, then you will need to implement Azure Active Directory Connect.

This course is divided into three sections. The first section is on designing an identity strategy. In this section, we'll look at our AD identities and consider what work needs to be done and what we need to think about ahead of time. The second section is on implementing identity synchronization using AD Connect. We will consider what needs to be synced and what authentication options are available. In the last section, we'll look at managing identity synchronization using Azure AD Connect. We'll look at what it takes to manage and sync and reconfigure options after AD Connect has been initially configured.

Learning Objectives

  • Design a hybrid identity solution
  • Implement Azure Active Directory Connect
  • Manage synchronized identities

Intended Audience

  • Azure administrators
  • Microsoft 365 administrators

Prerequisites

  • Basic understanding of Active Directory and Office 365
  • To do the examples yourself, you will need an on-premises Active Directory structure and an Azure subscription
Transcript

When managing our synced identities, one key bit of information we need to remember is the fact that objects are mastered in our on-premise AD structure. So this means that if we need to make changes and edits to any of our users, this needs to be made on our on-prem AD structure. Once those changes are made, Azure AD Connect will then synchronize those up to Azure AD, and you'll see those changes after the next synchronization run. 

Also, another interesting fact is that when objects are deleted on-prem, they are soft deleted in Azure AD. So if we delete one of our users on-prem, that user will be removed in Azure AD, but it'll go into an area where it can be restored within 30 days. So if we have the AD Recycle Bin enabled on our on-premise AD structure, we can restore that object, wait for the next sync cycle, and that object will reappear in Azure AD.

About the Author
Avatar
Matt Browne
System Administrator
Students
2420
Courses
1

Matt is a freelance system administrator with over 20 years of experience in IT. His current focus is on the great features of Microsoft Azure and Office 365. He’s always had a fascination for anything techie and loves learning and sharing that knowledge.

Covered Topics

Microsoft 365Microsoft AzureSecurity for AzureAzure Active DirectoryIdentity and Access ManagementSecurityBusiness SuitesMicrosoft 365 - Security and Access