This post is part of a series, for the series contents see:
After all the prep, the actual installation of Azure AD Connect is the easy bit.
You can get the download from within the Azure portal or simply go here.
Simply kick off the installer and agree to the terms and conditions:
Next up, you get the choice of customising the install or just going with the express settings. For most cases the express settings will be fine, but if you do want to customise it there are some details here.
Essentially, you get some choices on:
- Install location – it’s so minimal that I wasn’t that bothered.
- Using a SQL Server as opposed to SQL Express – No point unless your dealing with a really large AD forest.
- Service accounts and custom sync groups – This might be useful, I guess, depending on the standards in your environment. You might want to specify groups and a service account with your own naming standards.
- Auto-upgrade – the express settings enable this by default to make sure that the product stays “evergreen”. This is pretty cool and seems to be a model that Microsoft are moving towards recently.
- Synch settings – by default it synchronises all attributes which was fine for me. Saying that, though, I think I’ll do a post later to show how to setup some filters.
The screen looks like this:
Next up you need to specify an account with Global Admin rights on the Azure AD side of things. Glad I prepared one of those in the previous post:
With the Azure side of the equation sorted, the next step is to provide details of an account with Enterprise Admin rights over the on-premise directory. Once again, in good old Blue Peter style, I’d prepared one of those earlier:
And that’s pretty much it. It’ll then start the sync process:
Before finally letting you know that everything is complete:
The thing is that, even though it says it’s complete, the directory synchronisation process will probably still be running in the background. I verified this by logging into Azure and checking my sync status:
Notice the “Sync has never run” status? Well once I gave it a few minutes that sorted itself out and I had a cloud directory with some users. Job’s a good’un!