12/06/2019

Azure AD Connect?

Microsoft has deprecated DirSync (the original Directory Synchronization tool) and its successor Azure AD Sync, and replaced both with Azure AD Connect. This post is a short introduction to Azure AD Connect for those who are not yet familiar with it.

Azure AD Connect is a bridge solution between an organisation's on-premises Active Directory instance and the cloud-based Azure Active Directory. AD Connect lets IT admins synchronise on-premises user identities into the Azure platform, and combined with password hash synchronisation or pass-through authentication it is a straightforward way to enable single sign-on (SSO) without having to set up an Active Directory Federation Services (AD FS) farm. So, for Microsoft-focused organisations, this concept of an identity bridge, which is very much like Google Cloud Directory Sync (formerly called Google Apps Directory Sync, GCDS or GADS), makes a lot of sense. So how do Azure AD Connect and Azure AD fit in with the rest of Microsoft's strategy for Active Directory?

Microsoft's strategy with Azure Active Directory has not been to deliver it as a cloud-based replacement for on-premises Active Directory; the two are different directory services with different data models. So, to get them to communicate, additional software was required, and AD Connect is that software. Azure AD Connect enables the connection (hence the name) between the two platforms by shuttling identities from AD DS to Azure AD on a schedule. However, AD Connect is just one of several optional components that can be used.

For organisations running Active Directory Domain Services (AD DS), IT admins can also use Active Directory Federation Services (AD FS), or they can take advantage of Azure Active Directory Domain Services, which creates a managed domain within the Azure platform. Ultimately, for Microsoft-centric organisations, the multitude of identity and access management (IAM) solutions and components is part and parcel of using the Active Directory family of products.
So, not only does Azure AD need products like AD Connect to connect identities to on-premises resources, but an IT organisation also needs a plethora of other tools to give users access to everything else they need. These tools include identity bridges (for non-Windows systems), web application SSO platforms, multi-factor authentication (MFA) solutions, privileged identity management tools, and much more. It is no surprise that all of these additional solutions add cost; they also sap the time and resources needed to manage an organisation's identities.

In summary, Azure Active Directory (AD) Connect (formerly known as the Directory Synchronization tool, Directory Sync tool, or the DirSync.exe tool) is an application that you install on a domain-joined server to synchronise your on-premises Active Directory Domain Services (AD DS) users to the Azure AD tenant of your Office 365 subscription. Office 365 uses Azure Active Directory (Azure AD) as its directory service, and your Office 365 subscription includes an Azure AD tenant. That tenant can also be used to manage your organisation's identities for other cloud workloads, including other SaaS applications and apps hosted in Azure. The following diagram shows the architecture:

On-premises Active Directory can be synchronised using Azure AD Connect, which is free to use with the Azure AD tenant included in Office 365. Pricing for the paid Azure AD editions is published on Microsoft's Azure AD pricing page.
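The summary above describes AD Connect as software installed on a domain-joined server that synchronises AD DS users into the tenant. The following PowerShell is an added example, not code from the original post or from Microsoft, showing how an administrator checks that this is actually happening: it reads the scheduler and connector state on the AD Connect server, forces a delta sync, and then confirms from the tenant side that Azure AD recorded the sync. The forest name corp.example.local is a hypothetical value; the cmdlets come from the ADSync module that ships with AD Connect and from the MSOnline module.

```powershell
# Added example, not code from the original post or from Microsoft.
# Health check for an Azure AD Connect deployment: confirm the connector
# server is exporting, force a delta sync, then confirm on the tenant side
# that the sync landed. Run on the AD Connect server in an elevated
# PowerShell session as a member of the local ADSyncAdmins group. The tenant
# checks use the MSOnline module (Install-Module MSOnline) and prompt for a
# tenant administrator sign-in.
#
# Assumption (hypothetical value): the on-premises forest being synchronised
# is corp.example.local. Change it to the name of your own connector.
$ExpectedForest = 'corp.example.local'

Import-Module ADSync

# 1. Scheduler state. A server in staging mode imports but never exports, so a
#    healthy-looking scheduler on a staging server still means nothing is synced.
$sched = Get-ADSyncScheduler
if (-not $sched.SyncCycleEnabled) {
    Write-Warning 'Sync cycle is disabled (Set-ADSyncScheduler -SyncCycleEnabled $true re-enables it).'
}
if ($sched.StagingModeEnabled) {
    Write-Warning 'This server is in staging mode and will not export changes to Azure AD.'
}
'Effective interval: {0}; next cycle (UTC): {1}' -f $sched.CurrentlyEffectiveSyncCycleInterval, $sched.NextSyncCycleStartTimeInUTC

# 2. Connectors. Expect one for the on-premises forest and one for the tenant.
$connectors = Get-ADSyncConnector
$connectors | Select-Object Name | Format-Table -AutoSize
if (-not ($connectors | Where-Object { $_.Name -eq $ExpectedForest })) {
    Write-Warning "No connector named $ExpectedForest; check which forest this server is synchronising."
}

# 3. Trigger a delta sync unless one is already running, then wait for it to finish.
if ($sched.SyncCycleInProgress) {
    Write-Host 'A sync cycle is already in progress; waiting for it instead of starting another.'
} else {
    Start-ADSyncSyncCycle -PolicyType Delta | Out-Null
}
$deadline = (Get-Date).AddMinutes(10)
do {
    Start-Sleep -Seconds 15
    $inProgress = (Get-ADSyncScheduler).SyncCycleInProgress
} while ($inProgress -and (Get-Date) -lt $deadline)
if ($inProgress) {
    Write-Warning 'Sync cycle still running after 10 minutes; inspect run history in Synchronization Service Manager.'
}

# 4. Tenant side: did Azure AD record the sync, and is password hash sync on?
Import-Module MSOnline
Connect-MsolService
$company = Get-MsolCompanyInformation
$company | Select-Object DirectorySynchronizationEnabled, LastDirSyncTime,
                         PasswordSynchronizationEnabled, LastPasswordSyncTime
$oneHourAgoUtc = (Get-Date).ToUniversalTime().AddHours(-1)
if (-not $company.LastDirSyncTime -or $company.LastDirSyncTime -lt $oneHourAgoUtc) {
    Write-Warning 'Azure AD last recorded a directory sync more than an hour ago; exports are not arriving.'
}

# 5. How many tenant accounts come from on-premises AD DS versus cloud-only?
$synced = @(Get-MsolUser -All -Synchronized).Count
$total  = @(Get-MsolUser -All).Count
'{0} of {1} tenant users are synchronised from on-premises AD DS.' -f $synced, $total
```

Step 4 is the check that matters after any change to the connector server: the local scheduler can report a successful cycle while exports silently fail, and LastDirSyncTime on the tenant is what proves the bridge is working end to end. Because the AD Connect server holds credentials for both directories, it should be protected with the same care as a domain controller, and the ADSyncAdmins membership used above should be reviewed like any other privileged group.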

If you are interested in Azure AD related solutions, please contact Prometix for assistance: enquires@prometix.com.au