Install Azure AD Connect

Install Azure AD Connect

In the previous article, we did run Microsoft IdFix to identify errors such as duplicates and formatting problems in the on-premises directory. To sync on-premises identity infrastructure to Microsoft Azure AD, we will install and configure Azure AD Connect step by step.

What is Azure AD Connect?

Azure AD Connect is a tool for connecting on-premises identity infrastructure to Microsoft Azure AD. The wizard deploys and configures prerequisites and components required for the connection, including sync and sign on. Azure AD Connect encompasses functionality that was previously released as Dirsync and AAD Sync. These tools are no longer being released individually, and all future improvements will be included in updates to Azure AD Connect.

Download Azure AD Connect

Download Azure AD Connect for free. Download Microsoft Azure Active Directory Connect from the Microsoft Download Center. In this article, we will install Azure AD Connect version 1.5.45.0, which is the latest.

Azure AD connect release notes

Microsoft keeps a changelog for Azure AD Connect. It’s best practice to keep Azure AD Connect up to date with the latest version. Scroll through the changes and see what’s new and which bugs got fixed!

Azure AD Connect requirements

Make sure that you meet the Azure AD Connect installation prerequisites. The minimum requirements are:

Hardware

  • 1.6 GHz CPU
  • 4 GB Memory
  • 70 GB Hard drive size

Server

  • .NET Framework 4.5.1 or later
  • Domain-joined Windows Server 2012 or later
  • Windows Server full GUI
  • Windows Server Core isn’t supported

Before installing Azure AD Connect

At the moment, there are no users configured in Azure AD/Office 365. There is only one active user account, which is the Microsoft 365 tenant administrator.

Microsoft 365 admin center before

Install and configure Azure AD Connect

Installing Azure AD Connect on the domain controller is supported, but Microsoft doesn’t recommend that. It’s best to install Azure AD Connect on a separate domain-joined Windows Server. In this example, we will use the domain controller for demonstration purposes.Do not install additional software or roles on Domain Controllers.

After downloading Azure AD Connect, run the setup. Agree to the license terms and click Continue.

Azure AD Connect Welcome

Click on Customize for a custom install. It will give you all the options which you can decide for yourself.

Azure AD Connect Express Settings

Click Install.

Azure AD Connect Required Components

Select Password Hash Synchronisation. Click Next.

Azure AD Connect User Sign-In

Enter the Azure AD global administrator credentials. Click Next.

Connect to Azure AD

Click on Add Directory.

Azure AD Connect Connect Directories

Select Create new AD account. Fill in the administrator credentials. Click OK.

Azure AD Connect AD forest account

The Active Directory is added. Click Next.

Azure AD Connect Active Directory added

Select Continue without matching all UPN suffixes to verified domains. Click Next.

Azure AD Connect Azure AD sign-in

You can sync all domains and OUs. In our example, we will only sync the Company OU and sub-OUs.

Azure AD Connect Domain/OU Filtering

Click Next.

Azure AD Connect Identifying users

Click Next.

Azure AD Connect Filtering

Select Exchange hybrid deployment.

Azure AD Connect Optional Features

Select Start the synchronization process when configuration completes. Click Install.

Azure AD Connect Configure

Azure AD Connect configuration completed. Click Exit.

Azure AD Connect Configuration Complete

After installing Azure AD Connect

Sign in to the Microsoft 365 admin center, you can see that a new user is displayed. That’s the Azure AD connector account created by Azure AD Connect setup, which will sync AD objects between on-premises AD and Azure AD.Azure AD Connect setup creates a total of three accounts.

On-Premises Directory Synchronization account

Click the start menu on the Windows Server. Search and start the application Synchronisation Service. It already did start a synchronization: the first time a full import is made, a full synchronization, and an export.

Click on the domain.onmicrosoft.com with the profile name Export. Click on Adds in the Export Statistics.

Synchronization Service Manager

These objects are exported with success from on-premises AD to Azure AD. You can double-click on each Distinguided Name to identify the user object.

Synchronization Service Object Details

Refresh the Microsoft 365 admin center and verify the users.

Microsoft 365 admin center after

Everything looks great. We did successfully install and configure Azure AD Connect.

In the next article, we will run the Hybrid Configuration Wizard.

Conclusion

In this article, you learned how to install and configure Azure AD Connect. Before you start, make sure that you meet the prerequisites for installation. After the Azure AD Connect installation completes, synchronization will occur automatically every 30 minutes. In the Microsoft 365 admin center, you can verify the synced on-premises AD users. Don’t forget to upgrade Azure AD Connect when a new release is available.

Leave a Reply

Your email address will not be published. Required fields are marked *