Install the Azure AD Connect Tool

To allow on-premises AD users to login to cloud services like Office 365, we need to configure the Azure AD Connect Tool.

For the purpose of this post, the ADSync Tool will be installed on the ADFS server that I have running in my environment.

To start the process the Tool can be downloaded from the below link.

https://www.microsoft.com/en-us/download/confirmation.aspx?id=47594

Before we can start the installation, we need to install the required roles and features on the server by running the following.

Add-WindowsFeature net-framework-45-features -IncludeAllSubFeature

Once the feature installation is done, restart the server from the same PowerShell console, by running the following.

Restart-Computer

The service account used for the AD Connect Tool should have its password set to never expire. To do this the following can be run.

Set-MSolUser -userprincipalname “dirsync@o365cloudlab.onmicrosoft.com” -PasswordNeverExpires:$true

Now that all the prerequisite has been done, go ahead and start the installation for AD Connect.

Double click the AzureADConnect msi file and agree to the license terms and click continue.

Click Use express settings

Provide the credentials of an Global Admin user /service account.

Provide the on-premise service account details for the ADConnect Tool.

Ps. The service account must be a member of the Enterprise Admins Group in Active Directory.

Finally click on Install

The setup completes and give, an output of some recommendations based on your environment.

The Tool can be access from the Desktop by clicking on the Azure AD Connect short cut.

To view the current sync schedule run the following.

Import-Module ADSync

Get-ADSyncScheduler

To start a new Delta Sync, run the following.

Start-ADSyncSyncCycle -PolicyType Delta

To start a Full Sync, run the following.

Start-ADSyncSyncCycle -PolicyType Initial

More Details on Azure AD Connect can be found here

#ThatLazyAdmin

@ShaunHardneck