Upcoming Perks of Azure Active Directory Connect Tool
Microsoft recently published more information about its Azure Active Directory Connect tool, which will replace its DirSync and Azure Active Directory Sync tools.
Azure AD Connect is currently at the preview stage, but Microsoft has previously suggested that the finished product will get generally released sometime in May. The Azure AD Connect tool is a wizard that IT pros can use to connect premises-based AD to Microsoft's cloud-based Azure AD service. Organization may not want to use software at the beta stage, though, to accomplish such tasks. Moreover, it can be confusing to know which sync tool to use, since Microsoft presently has four of them.
This week, Microsoft announced that it had updated an MSDN article on its directory integration tools to better show the capabilities of its three current AD synchronization tools, plus Forefront Identity Manager 2010 R2, which also has AD sync capabilities. Microsoft plans to update the Forefront Identity Manager 2010 R2 product with a new Microsoft Identity Manager product sometime in the first half of this year.
The MSDN article shows that the Azure AD Connect preview will be getting most of the new features that Microsoft is planning for its AD sync tools. However, all of those capabilities currently are either at the preview stage or are "coming soon."
The new premises-to-cloud synchronization features coming to the Azure AD Connect tool include the following capabilities:
- Connect to single on-premises LDAP [Lightweight Directory Access Protocol] directory
- Connect to multiple on-premises LDAP directories
- Connect to on-premises AD and on-premises LDAP directories
- Synchronize customer-defined attributes (directory extensions)
The new cloud-to-premises synchronization features coming to the Azure AD Connect tool include the following capabilities:
- Writeback of users and groups objects
- Writeback of customer-defined attributes (directory extensions)
In contrast, the Forefront Identity Manager 2010 R2 tool currently has the ability to support the setup and installation of Windows Server 2008 and Windows Server 2008 R2, which doesn't appear to be part of Microsoft's plans for the Azure AD Connect tool.
Microsoft currently recommends using the sync tool that best addresses an organization's AD integration needs. Now it has provided a somewhat handy list in the updated MSDN article so that IT pros can make those kinds of decisions
Microsoft also announced last week that it is planning to add its Azure Access Control Service into Azure AD "in the coming months." The preview will permit IT pros to federate "social identity providers, and later custom identity providers to Azure AD," according to Alex Simons, director of product management for the Microsoft Identity and Security Division. That's mostly a perk for developers to simplify app access.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.