Azure AD Connect and Azure AD Connect Health installation roadmap
Install Azure AD Connect
Important
Microsoft doesn’t support modifying or operating Azure AD Connect sync outside of the actions that are formally documented. Any of these actions might result in an inconsistent or unsupported state of Azure AD Connect sync. As a result, Microsoft can’t provide technical support for such deployments.
You can find the download for Azure AD Connect on Microsoft Download Center.
| Solution | Scenario |
|---|---|
| Before you start – Hardware and prerequisites | Steps to complete before you start to install Azure AD Connect. |
| Express settings | If you have a single forest AD then this is the recommended option to use.User sign in with the same password using password synchronization. |
| Customized settings | Used when you have multiple forests. Supports many on-premises topologies.Customize your sign-in option, such as pass-through authentication, ADFS for federation or use a 3rd party identity provider.Customize synchronization features, such as filtering and writeback. |
| Upgrade from DirSync | Used when you have an existing DirSync server already running. |
| Upgrade from Azure AD Sync or Azure AD Connect | There are several different methods depending on your preference. |
After installation you should verify it is working as expected and assign licenses to the users.
Next steps to Install Azure AD Connect
| Topic | Link |
|---|---|
| Download Azure AD Connect | Download Azure AD Connect |
| Install using Express settings | Express installation of Azure AD Connect |
| Install using Customized settings | Custom installation of Azure AD Connect |
| Upgrade from DirSync | Upgrade from Azure AD sync tool (DirSync) |
| After installation | Verify the installation and assign licenses |
Learn more about Install Azure AD Connect
You also want to prepare for operational concerns. You might want to have a stand-by server so you easily can fail over if there is a disaster. If you plan to make frequent configuration changes, you should plan for a staging mode server.
| Topic | Link |
|---|---|
| Supported topologies | Topologies for Azure AD Connect |
| Design concepts | Azure AD Connect design concepts |
| Accounts used for installation | More about Azure AD Connect credentials and permissions |
| Operational planning | Azure AD Connect sync: Operational tasks and considerations |
| User sign-in options | Azure AD Connect User sign-in options |
Configure sync features
Azure AD Connect comes with several features you can optionally turn on or are enabled by default. Some features might sometimes require more configuration in certain scenarios and topologies.
Filtering is used when you want to limit which objects are synchronized to Azure AD. By default all users, contacts, groups, and Windows 10 computers are synchronized. You can change the filtering based on domains, OUs, or attributes.
Password hash synchronization synchronizes the password hash in Active Directory to Azure AD. The end-user can use the same password on-premises and in the cloud but only manage it in one location. Since it uses your on-premises Active Directory as the authority, you can also use your own password policy.
Password writeback will allow your users to change and reset their passwords in the cloud and have your on-premises password policy applied.
Device writeback will allow a device registered in Azure AD to be written back to on-premises Active Directory so it can be used for Conditional Access.
The prevent accidental deletes feature is turned on by default and protects your cloud directory from numerous deletes at the same time. By default it allows 500 deletes per run. You can change this setting depending on your organization size.
Automatic upgrade is enabled by default for express settings installations and ensures your Azure AD Connect is always up to date with the latest release.
Next steps to configure sync features
| Topic | Link |
|---|---|
| Configure filtering | Azure AD Connect sync: Configure filtering |
| Password hash synchronization | Password hash synchronization |
| Pass-through Authentication | Pass-through authentication |
| Password writeback | Getting started with password management |
| Device writeback | Enabling device writeback in Azure AD Connect |
| Prevent accidental deletes | Azure AD Connect sync: Prevent accidental deletes |
| Automatic upgrade | Azure AD Connect: Automatic upgrade |
VISUAL STUDIO CODE
Un éditeur de code source léger mais efficace, qui fonctionne sur votre ordinateur de bureau et disponible pour Windows, macOS et Linux. TÉLÉCHARGER
PIRATE
LE LIVRE Du Bon 