Azure AD Integration with On-premise Active Directory
In this article I want to show how you can test and simulate the integration between on-premises Active Directory and Azure Active Directory, as a step-by-step process.
1. Log in to https://portal.azure.com
2. Go to Azure Active Directory → click on Users → create a new user → give the name as “testuseronpremise” → add the role “Global administrator”. We will use this user for the on-premise to Azure AD connectivity.
3. As part of the demo I am going to create a new Azure Virtual Machine, which will act as the on-premise server for us.
4. Once you log in to the Azure Virtual Machine → go to Add Roles and Features → enable Active Directory Domain Services.
5. Now let's configure the domain controller: if you have an existing domain controller you can select the 1st option; if not, select the 3rd option.
6. Now select Domain Controller Options and assign a new password.
Finally it will ask you to restart the virtual machine. After the domain controller setup the VM will be restarted. Log in again after a few minutes; it will start applying Group Policies (this may take 10–15 mins).
7. Now, to integrate Azure Active Directory with the on-premise Active Directory, download the Azure AD Connect tool from the Microsoft downloads site.
8. Now let's start the installation → click on the AzureADConnect.exe file → click on “I agree to the license terms and privacy notice”.
9. As we are doing this for the first time, as a good practice let the system select its own settings → so in our case I have clicked on “Express settings”.
Now it is going to ask for the credentials of the user that will be used to integrate Azure AD and the on-premise AD.
Now, in order to connect to the recently installed AD DS, we have to enter a user id/password.
Next it will ask for the Azure AD sign-in configuration. Please select the option below, “Continue without matching all UPN suffixes to verified domains”.
Next it will start configuring the system; again, the configuration may take close to 15 mins at most.
10. Now let's create a test user in the on-premise Active Directory and try to sync it to Azure AD.
Click on Start → select “Active Directory Users and Computers” → once the domain is open → go to Users → right click and select New → User.
Only for demo purposes I have selected the option “Password never expires”.
Now we have a new user created in our on-premise Active Directory.
Now let's try to migrate the user from on-premise to the cloud.
Click on the Azure AD Connect option on your desktop → select the option “Customize synchronization options”.
It will validate your credentials → next it will ask whether you have multiple forests, in which case you can go ahead and select them; we just have one.
Next it will ask for the actual sync of the services from the on-premise Active Directory. In our case we have created a new user in the on-premise Active Directory and want to migrate this user to Azure, so I am going to expand the tree.
On the next screen it is going to ask for the optional features you want for your on-premise Active Directory to Azure AD sync.
After that it will be ready to configure.
Finally click on Configure (select the option “Start the synchronization process when configuration completes”).
11. Now for validation I will go back to Azure Active Directory → go to Users → you can see the new user automatically synced from the on-premise Active Directory.
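As an added example, not from the original article, here is the same test-user creation, sync and validation done from PowerShell on the domain controller; it assumes the ActiveDirectory, ADSync and Microsoft.Graph.Users modules are installed, and the domain contoso.local, the OU SyncTest and the user testuser are placeholders.

```powershell
#Requires -Modules ActiveDirectory, ADSync, Microsoft.Graph.Users
# Placeholder values (assumed for this example): replace with your own domain, OU and user.
$Upn  = 'testuser@contoso.local'
$OuDn = 'OU=SyncTest,DC=contoso,DC=local'

# 1. Create the test user in on-premises AD. Unlike the demo, the password is NOT set to
#    never expire; the user must change it at first logon.
$Pwd  = Read-Host -AsSecureString -Prompt 'Initial password for testuser'
$user = New-ADUser -Name 'Test User' -SamAccountName 'testuser' -UserPrincipalName $Upn `
    -Path $OuDn -AccountPassword $Pwd -Enabled $true `
    -ChangePasswordAtLogon $true -PasswordNeverExpires $false -PassThru

# 2. Trigger a delta sync instead of waiting for the scheduler (default interval 30 minutes).
#    Start-ADSyncSyncCycle fails if a cycle is already running, so wait for it to finish first.
while ((Get-ADSyncScheduler).SyncCycleInProgress) { Start-Sleep -Seconds 15 }
Start-ADSyncSyncCycle -PolicyType Delta

# 3. Validate in Azure AD through Microsoft Graph. Because contoso.local is not a verified
#    domain (we chose "Continue without matching all UPN suffixes to verified domains"), the
#    cloud UPN gets the tenant's .onmicrosoft.com suffix, so match on the sourceAnchor
#    (onPremisesImmutableId = base64 of the on-premises objectGUID) rather than on the UPN.
Connect-MgGraph -Scopes 'User.Read.All'
$immutableId = [Convert]::ToBase64String($user.ObjectGUID.ToByteArray())
$cloudUser = $null
for ($i = 0; $i -lt 10 -and -not $cloudUser; $i++) {
    Start-Sleep -Seconds 30
    $cloudUser = Get-MgUser -Filter "onPremisesImmutableId eq '$immutableId'" `
        -Property UserPrincipalName, OnPremisesSyncEnabled, OnPremisesLastSyncDateTime
}
if ($cloudUser) {
    $cloudUser | Format-List UserPrincipalName, OnPremisesSyncEnabled, OnPremisesLastSyncDateTime
} else {
    Write-Warning 'User not found in Azure AD yet; check Synchronization Service Manager for export errors.'
}
```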