In this first section we will prepare Active Directory for use with Azure Active Directory Connect. So in this first section, we will mostly be talking about some of the concepts that go into setting the table before you do the installation of the actual Azure Active Directory Connect tool. So for better or worse, we're going to be spending a lot of time just talking through the process before we get to the actual demonstration of the Azure Active Directory Connect tools and how it then facilitates synchronization.
We'll do most of the demonstration as this course continues. So again, we're looking at how to prepare the Active Directory environment for use with a cloud-based Office 365 implementation as we go through the lessons in this section. And so what I want to start with is identifying the three players, as it were, when you're using Azure Active Directory Connect. And the three players are Office 365, it is Azure Active Directory, and it is an on-premises installation of Active Directory on a Windows domain controller, and I say domain controller, I'm talking about a Windows server machine that has been configured in the role of a domain controller.
So this is a very common scenario. In this scenario, the organization has probably existed for a while and then has added an Office 365 subscription in order to support its productivity software needs, which is just kind of the fancy way of saying that the company wants to run Office and it's had a domain controller for a while. So what now exists for that organization is that they have an Office 365 subscription, they have enabled Azure Active Directory as part of that subscription that supports that Office 365 tenant, and they have an on-site domain controller to handle log ins, security policies, software distribution policies, and so-on.
So, now we have two separate entities: we have the Azure Active Directory and we have the on-premises Active Directory, and we want to sync them up because we don't want to have an environment where we have users using one account to access Office 365 resources, and a separate account to log in and access internal IT resources. So the tool that makes this happen, of course is something called Azure Active Directory Connect, and it's actually the latest and greatest tool.
There was, once upon a time, other tools and they were actually sort of casing questions on those other tools. One of the names of the tools that preceded Azure Active Directory Connect was Azure Active Directory Sync. So here are the capabilities that Azure Active Directory Connect makes possible for an organization. When you're using this tool, users can sign in using a single identity.
So you have one log in and that grants you access to all resources, whether they be internal resources, or Office 365 resources. Another capability is that you have a single tool for synchronization and sign in, and as I mentioned just a moment ago, the Azure Active Directory Connect tool provides the newest capabilities. That tool that I just mentioned, Active Directory Sync, which was also known as DirSync, Directory Sync, it is now being deprecated as of April 2017.
So, if there is an organization that is currently using DirSync, they can still use DirSync, but the tool that you need to be aware of and you need to be learning in terms of practical administration and in terms of 70-346 preparation is the Azure Active Directory Connect tool. Now, once you have downloaded and installed this in your environment and it's providing the synchronization services on your Active Directory domain controller with your Office 365 Azure Active Directory environment, these are the services that is provides.
It provides the synchronization services. This component is responsible for helping create and synchronize the user's groups and other objects in Active Directory. It's also responsible for making sure identity information for your on-premises users and groups is matching what exists in the cloud, or in other words in your Azure Active Directory environment. Another service that is provided by this tool is Active Directory Federation Services, now this is an optional part of Azure Active Directory Connect tool and can be used to configure a hybrid environment by forwarding a logon request.
So a full discussion of that is beyond the scope of this course and in fact, it is the topic of another course in the Office 365 Administration track. There is a separate course that deals mostly with Azure Active Directory and Federation Services. The last component or service provided by this tool is health monitoring. Azure Active Directory Connect can provide robust monitoring and provide a central location in Azure Active Directory, in that portal on Office 365, where you can view health activity.
So that's another component of Azure Active Directory Connect that you should be aware of. Now in terms of this course, what we're going to be focusing mostly on is the synchronization services. What is provided, how it operates, and how we will, as administrators, configure those synchronization services.
LinkedIn Learning is an online learning platform that combines industry-leading content from Lynda.com with LinkedIn’s professional network of more than 500 million member profiles to provide highly personalized course recommendations and a more intuitive learning experience. Learn more.
Learn from recognized industry experts, and get the business, tech, and creative skills that are most in demand.
Receive personal recommendations based on your LinkedIn profile.
Stream courses from your computer or mobile device.
Take courses for every level – beginner to advanced.
Practice while you learn with quizzes, exercise files, and coding windows.
Provide learning for your team or entire organization, with an easy to use experience for managing users, curating content and measuring engagement
For businesses with 150+ licenses Request Office 365 onboarding assistance from FastTrack
You can request remote and personalized assistance with onboarding. Our FastTrack engineers will help you plan your Office 365 project, assess your technical environment, provide remediation guidance, and provide user adoption assistance. For businesses with at least 500 licenses, Microsoft also provides personalized assistance to migrate data to Office 365.
See the FastTrack Center Video: http://aka.ms/meetfasttrack
Get started today: http://fasttrack.microsoft.com
Tip: Businesses with 1-149 licenses still have access to FastTrack guidance via links in the Admin Center and also available at https://aka.ms/setupguidance.
Network and system admins can prepare on-premises directories and connect to Azure to take advantage of managing Office 365 groups and users using common identities. Preparation, setup, and administration steps are demonstrated in this course using the Azure Active Directory (AAD) Connect tool. This course is designed to provide you with a better understanding of domain controllers, identity management, synchronization, and more. This course is also an exam preparation resource with topics that map to a corresponding domain in the Office 365 70-346 exam: Managing Office 365 Identities and Requirements.
Active Directory Connect and Office 365
Planning for non-routable domain names
Cleaning up Active Directory objects
Using the IDFix tool
Filtering Active Directory
Using AAD install
Synchronizing passwords and attributes
Creating and managing users and groups
Scheduling and forcing AD synchronization