Details on Azure AD Connect (BASIC)

-

Microsoft has discontinued DIRSYNC and directory synchronisation tool. Instead they have released Azure AD. I have provided insight into  Azure D Connect for those who didn’t know.

Azure AD Connect is a bridge solution between an organisation’s on-prem Active Directory instance and cloud-based Azure Active Directory. AD Connect enables IT admins to federate on-prem user identities to the Azure platform. Actually, it’s a good way to enable single sign-on (SSO) without having to set up an Active Directory Federation Services (ADFS) instance. So, for Microsoft-focused organisations’, this concept of an identity bridge solution, which is very much like the concept of Google Cloud Directory Sync (formerly called Google Apps Directory Sync, GCDS or GADS), makes a lot of sense. So how does Azure AD Connect and Azure AD fit in with the rest of Microsoft’s strategy for Active Directory?

Microsoft’s strategy with Azure Active Directory hasn’t been to deliver it as a cloud-based replacement to on-prem Active Directory. So, in order to get these two very different services to communicate, additional software was required. AD Connect is that software. What Azure AD Connect does is it enables the connection (hence the name) between these two platforms. Azure AD Connect effectively works by shuttling identities from AD to the Azure Active Directory platform. However, AD Connect is just one of the optional solutions that can be utilised.

For organizations leveraging Active Directory Domain Services (AD DS), IT admins can also leverage Active Directory Federated Services (AD FS), or, they can take advantage of Azure Active Directory Domain Services. Azure AD Domain Services creates a domain within the Azure platform. Ultimately, for Microsoft-centric organisations, the multitude of identity and access management (IAM) solutions and components is part and parcel of using the Active Directory family of products.

So, not only does Azure AD need products like AD Connect to connect identities to on-prem resources, but an IT organization also needs to leverage a plethora of other tools to provide users with access to everything else they need. These tools include identity bridges (for non-Windows systems), web application SSO platforms, multi-factor authentication (MFA) solutions, privileged identity management tools, and much more. It’s no surprise that all of these additional solutions add cost, but they also sap time and resources in order to manage an organization’s identities.

In summary, Azure Active Directory (AD) Connect (formerly known as the Directory Synchronization tool, Directory Sync tool, or the DirSync.exe tool) is an application that you install on a domain-joined server to synchronize your on-premises Active Directory Domain Services (AD DS) users to the Azure AD tenant of your Office 365 subscription. Office 365 uses Azure Active Directory (Azure AD) for its directory service. Your Office 365 subscription includes an Azure AD tenant. This tenant can also be used for management of your organization's identities with other cloud workloads, including other SaaS applications and apps in Azure. Following diagram shows the architecture:



On-premise active directory can be synched using AZURE AD connect which is free with Azure AD for O365. You can see the pricing here. 

If you are interested in Azure AD related solutions then, please contact Prometix  for any assistance – enquires@prometix.com.au

 

Comments

Post a Comment

Popular posts from this blog

Microsoft 365 Records Management Compliance

-
As a SharePoint consulting practice, we at Prometix had a chance to implement a Microsoft 365 Records Management service This is a fairly new service and Microsoft announced in May the commercial release of the Microsoft 365 Records Management service. This service, which lets organisations apply "labels" to documents, as well as machine learning to automatically apply those labels, is designed to address legal compliance tracking issues for organisations. Microsoft claims it'll help demonstrate compliance with regulations through defensible audit trails and proof of destruction. This will assist in integrating with Business Intelligence such PowerBI, and artificial intelligence such as Azure services. The Records Management service is currently available through the  Microsoft 365 Compliance Center . Organisations need to have Microsoft 365 E5/A5 or Microsoft 365 Insider Risk Management licenses to use the service, which gives them the rights to automatically apply ...
Read more

Data Governance with Azure Purview

-
Image
The modern workplace his a data-centric world. Organisations are always increasing the amount of data they must collect, store, and analyse to inform critical business decisions and measure their organisation’s performance. As data becomes increasingly important, so do the tools needed to discover, manage, and track information in the absence of a data governance program. In the absence of a data governance program, the decisions made about key data systems are made by association staff who “own” the system. When there are different owners for systems (which is very common), the result is inconsistencies in data availability, collection, usability, integrity, and security. This instantly causes data quality problems. It also can negatively impact user experience if there is no integration or procedures to update the existing data within your environment. If you and your organisation find yourselves in such a predicament, Prometix highly recommends deploying an Azure Purview solution....
Read more

Collaboration with SharePoint VS MS Teams

-
With all the hustle and bustle of the workplace, it can be hard to find exactly what you’re looking for or know who to ask. Defining who is working on what and how they’re involved in the project isn’t always a simple task. Although SharePoint has made managing and sharing content easier, it still isn’t as seamless as its end users would hope. Being able to access content and applications all in one place is useful but doesn’t solve the problem of how to organize information that is only relevant to certain groups. The main goal of SharePoint is to facilitate collaboration, but when content is broadcasted to the entire organization, it can make end users unsure which information applies to them. Microsoft has acknowledged this issue with the creation of its new collaboration tools, SharePoint team sites and Microsoft Teams . These allow end users to create separate areas specifically designed for certain projects they’re working on and for the teams they’re working with. By organizi...
Read more