Details on Azure AD Connect (BASIC)
Microsoft has discontinued DirSync and the directory synchronisation tool. Instead they have released Azure AD. I have provided insight into Azure AD Connect for those who didn’t know.
Azure AD Connect is a bridge solution between an organisation’s on-prem Active Directory instance and cloud-based Azure Active Directory. AD Connect enables IT admins to federate on-prem user identities to the Azure platform. It’s a good way to enable single sign-on (SSO) without having to set up an Active Directory Federation Services (ADFS) instance. So, for Microsoft-focused organisations, this concept of an identity bridge solution, which is very much like the concept of Google Cloud Directory Sync (formerly called Google Apps Directory Sync, GCDS or GADS), makes a lot of sense. So how do Azure AD Connect and Azure AD fit in with the rest of Microsoft’s strategy for Active Directory?
Microsoft’s strategy with Azure Active Directory hasn’t been to deliver it as a cloud-based replacement to on-prem Active Directory. So, in order to get these two very different services to communicate, additional software was required. AD Connect is that software. Azure AD Connect enables the connection (hence the name) between these two platforms. It effectively works by shuttling identities from AD to the Azure Active Directory platform. However, AD Connect is just one of the optional solutions that can be utilised.
For organisations leveraging Active Directory Domain Services (AD DS), IT admins can also leverage Active Directory Federation Services (AD FS), or they can take advantage of Azure Active Directory Domain Services. Azure AD Domain Services creates a domain within the Azure platform. Ultimately, for Microsoft-centric organisations, the multitude of identity and access management (IAM) solutions and components is part and parcel of using the Active Directory family of products.
So, not only does Azure AD need products like AD Connect to connect identities to on-prem resources, but an IT organisation also needs to leverage a plethora of other tools to provide users with access to everything else they need. These tools include identity bridges (for non-Windows systems), web application SSO platforms, multi-factor authentication (MFA) solutions, privileged identity management tools, and much more. It’s no surprise that all of these additional solutions add cost, but they also sap the time and resources needed to manage an organisation’s identities.
In summary, Azure Active Directory (AD) Connect (formerly known as the Directory Synchronization tool, Directory Sync tool, or the DirSync.exe tool) is an application that you install on a domain-joined server to synchronize your on-premises Active Directory Domain Services (AD DS) users to the Azure AD tenant of your Office 365 subscription. Office 365 uses Azure Active Directory (Azure AD) for its directory service. Your Office 365 subscription includes an Azure AD tenant. This tenant can also be used for management of your organization's identities with other cloud workloads, including other SaaS applications and apps in Azure. The following diagram shows the architecture:
On-premises Active Directory can be synced using Azure AD Connect, which is free with Azure AD for O365. You can see the pricing here.
If you are interested in Azure AD related solutions, then please contact Prometix for any assistance – enquires@prometix.com.au