Azure AD Connect / Office 365
I have a few questions about synchronizing my local AD passwords to Office 365 so the users do not have 2 different sets of passwords. All of our email services have been moved to Office 365 entirely, the previous local instance of Exchange has been eliminated from the domain.
The situation that we have is that the account names in Office 365 do match what we have in our on premise AD, but are not synchronized. This is a small deployment, so all the O365 accounts were created manually and the mailboxes migrated. I really just want to be able to synchronize the passwords on the existing accounts, I'm not interested in synchronizing all of the other many service, unrelated user objects.
Can anyone point me in the right direction for using the Azure Connect tool when the accounts are already in Office 365? I can just see this turning into a mess if I don't do this carefully.
The situation that we have is that the account names in Office 365 do match what we have in our on premise AD, but are not synchronized. This is a small deployment, so all the O365 accounts were created manually and the mailboxes migrated. I really just want to be able to synchronize the passwords on the existing accounts, I'm not interested in synchronizing all of the other many service, unrelated user objects.
Can anyone point me in the right direction for using the Azure Connect tool when the accounts are already in Office 365? I can just see this turning into a mess if I don't do this carefully.
ASKER
Yes, I'm going to use the AD Connect, already decided on that, but am unsure what is going to happen since the accounts were not originally created/synced with it originally and exist locally and in Office 365.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Install Azure AS Sync on a domain controller. You will need both your Admin account for office 365 and create an local AD service account with admin privileges in AD for Azure to utilize.
Go through the installation process and done. I have it for our company with 125 users. It works great.
See Link for more information:
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect
See Link for download of Azure AD Connect:
https://www.microsoft.com/en-us/download/details.aspx?id=47594
Jason Wiggs
CCIE / MCITP / MCSE / VCP5 / CCP
Senior System Engineer
Go through the installation process and done. I have it for our company with 125 users. It works great.
See Link for more information:
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect
See Link for download of Azure AD Connect:
https://www.microsoft.com/en-us/download/details.aspx?id=47594
Jason Wiggs
CCIE / MCITP / MCSE / VCP5 / CCP
Senior System Engineer
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
a) Use Active Directory Federation Services (AFDS) so that only one password is used across both services. Requires one or more ADFS servers installed to connect Office 365 with your Domain Services.
b) Use Password Synching services with Azure AD Connect, which syncs your AD passwords to the cloud. See article
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-implement-password-synchronization