Hi, I thought you had a more in-depth video on AAD Connect architecture that included supported topologies & much more detail in general. I cannot find it, am I mistaken?? Thanks!
It would be good to see best practices for designing a hybrid cloud identity org structure. Say a corp. has a well-established AD and then wants to eventually move to the cloud in a few years: how would we design the org structure? Most enterprises are in this situation.
Great video, man. One question I have is: what stuff is synced from AAD to AD? I have read in a few docs that apart from password writeback nothing is replicated from AAD to AD. PS: Correct me if I am wrong.
Hello Aqib, Please check the link mentioned below. docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-sync-attributes-synchronized#exchange-hybrid-writeback
Thanks! I have one question. For our environment I have 1 AAD server with 1 SQL (database) and also 1 AAD (passive) staging and 1 SQL passive. What are the correct steps here if I do a failover? Should I first do a full import on the staging servers? Then a full sync?
A full import or full sync is only required if we have made changes to the configuration, e.g. sync rules/OU filtering. By default all changes replicate to the staging server as per the sync cycle; only the export does not run on the staging server. If your staging server is not up to date, then a full import and full sync are required.
@Dar Fahad -> The fundamental purpose of setting up Azure AAD Connect is to sync on-premises identities to the cloud, so the users can get access to all the pre-integrated SaaS applications as per the assignment. Also, setting up ADFS on-prem and federated identities is one of the methods available for authentication.
Thanks for the kind words. For architecture we have only uploaded this video, but for every feature a new video is in the pipeline and will be uploaded soon. Thank you..!!
Hi, great!!! I would like to know the URLs and IPs to allow through a firewall for AAD Connect outbound traffic, and also, if there is a proxy, the configuration on the server side. The Microsoft guide is too vague and too general.
There are no custom links or IPs which you can add or remove. Practically, the majority of enterprises follow the same Microsoft article, as only outbound connectivity is required.
Very nice video. Can you post the commands to run when we make changes on the on-prem AD, and in the same way when we make any changes on the Azure AD?
While installing you can select PTA, and from the other features section you can also select password sync. Pass-through Authentication does not automatically fail over to password hash synchronization if there are any issues with PTA agents. SOURCE - docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-faq
@Ashray -> Thank you for your response. Please let us know which component you want us to cover, and we will be happy to create more videos. Thank you...!!