Tech Thursday: Managing Office 365 with Azure AD Connect

Tech Thursday: Managing Office 365 with Azure AD Connect

Once you’ve decided that Office 365 is the right choice for your company, you’ll want to make it as easy as possible for your users to access all of its services. One way to do this is to synchronize your on-premise Active Directory with Azure AD. This lets your users have one password for both on-premises and Office 365 services -- making life easier for them, and making management much easier for you. Better yet, Azure AD is free with any paid Office 365 subscription -- all you need to do is set it up.

1. Gather Prerequisites

There are a few things that you need to have in order before you start syncing. First, you’ll need to make sure that your AD domain name is added and verified in your Azure tenant. Sign in to the Azure Portal, navigate to Azure Active Directory, and then select “Custom Domain Names”. There you can add your AD domain name -- it will need to be a public domain like .com, .net or .org -- and verify that you own it by modifying a DNS record.

Next, download and run the IdFix tool from Microsoft. This will identify clean up any duplicate objects or other inconsistencies that could affect the synchronization.

Finally, you’ll want to make sure that the AD Recycle Bin feature is enabled. By default, Azure AD has a recycle bin-like feature, so enabling it on your on-prem AD will make things simpler if you do need to restore a deleted user account.

2. Install Azure AD Connect and Synchronize

Download Azure AD Connect from Microsoft. On the server that will become your sync server, locate the MSI and double click to start the setup.

For most small to medium-sized organizations that are only using a single AD domain, you’ll be able to use the Express Settings option, so click “Use Express Settings”. On the next page, enter your Office 365 credentials, and click Next. Then, enter the credentials for a local domain administrator account.

On the last page, check the box “Start the synchronization process when configuration completes”, and then click Install.

3. Assign Office 365 Licenses to Users

If all goes well with the synchronization, you’ll be ready to assign Office 365 licenses to your users. This will give them access to the Office 365 tools that they need.

Sign in to the Office 365 Admin Portal, then go to Users > Active Users. You’ll see a list of your AD users that have synchronized to Office 365. Click the checkbox next to each user to whom you would like to assign a license, then select Bulk Actions > Edit Product Licenses.

Then, move the slider to “On” for the product license that you would like to assign to that user. Then, click Add.

And that’s it! You've synchronized your on-prem Active Directory users to Office 365 and granted them access. They can now log on with their existing username and password and begin to use Office 365 features.

 

E-N Computers is a leading provider of cloud-based IT services in Virginia and Washington, DC. If you would like additional help with moving your company to Office 365, please contact us for a free consultation.