Microsoft Previews Tool for Streamlining Azure AD Connections
Microsoft announced a beta this week of a new setup tool for IT pros called "Azure Active Directory Connect."
Azure AD Connect is a software wizard that reduces the steps required to set up and use Microsoft's cloud-based access and identity management service. IT pros can use the wizard to simplify the linking of their local AD implementation with the Microsoft Azure AD service. The wizard, when run with its Express Settings option, takes "only 4 clicks" to perform the setup and synchronization steps, according to Microsoft's announcement.
The new wizard is available for testing via the Microsoft Connect site here. It's not clear when Microsoft plans to roll out a version ready for production environments.
Currently, the wizard only works when organizations have a single AD forest to connect with the Azure AD service. However, Microsoft plans to support multiple AD forests with a future Azure AD Connect release.
Microsoft claims that the wizard streamlines the setup process by cutting out the time IT pros might otherwise have had to spend in reading through manuals or using other tools. Azure AD Connect performs the following steps as the user clicks through dialog boxes, according to Microsoft's announcement:
- Downloads and installs pre-requisites like the .NET Framework, Azure Active Directory PowerShell Module and Microsoft Online Services Sign-In Assistant
- Downloads, installs and configures DirSync (and in the future, AAD Sync), and enables it in your Azure tenant
- Configures either password sync or AD FS, depending on which sign-on option you prefer, and including any required configuration in Azure
- Checks to make sure it's all working!
The wizard performs the configuration both locally and in the cloud. It has an option for adding single sign-on with federation via Microsoft Azure, as well as an option for adding password synchronization on top of federation, if that's wanted as "a fall back option."
IT pros still face some manual setup steps when connecting a local AD with the cloud-based Azure AD. However, Microsoft's announcement indicated that the wizard will suggest what needs to be done.
Microsoft plans to improve the wizard in a future release so that it supports all of the options of its Azure AD Sync Services. Those improvements include some user-matching options across forests, hybrid Exchange environment support, and application and attribute filtering.
Microsoft released a second beta of its Azure AD Sync Services late last month. Azure AD Sync Services eventually will replace Microsoft's Directory Services (DirSync) sometime this year. DirSync is going away, in part, because it can't presently support multiple on-premises AD forests.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.