Install Azure AD Connect

This guide provides detailed instructions for installing and configuring Azure AD Connect to synchronize your on-premises Active Directory with Azure Active Directory (now Microsoft Entra ID).

Prerequisites

Before you begin, ensure you have the following:

• An Azure subscription with an Azure AD tenant.
• Global Administrator credentials for your Azure AD tenant.
• Enterprise Administrator credentials for your on-premises Active Directory forest.
• A server for Azure AD Connect. It's recommended to use a domain-joined member server. Ensure it meets the hardware and software requirements.
• Network connectivity between the Azure AD Connect server and your domain controllers, as well as outbound connectivity to Azure AD endpoints.

Installation Steps

1. Download Azure AD Connect

Download the latest version of Azure AD Connect from the Microsoft Download Center.

2. Run the Installer

1. Launch the downloaded executable file.
2. Accept the license terms and privacy notice.

3. Express Settings vs. Custom Settings

You will be presented with two options:

• Express settings: This is the recommended option for most scenarios. It uses default configurations for common setups.
• Customize: This option allows you to configure specific settings, such as existing a specific sync server, enabling features like password hash synchronization or pass-through authentication, or specifying a custom installation location.

Using Express Settings

If you choose Express settings:

1. Sign in to Azure AD with your Global Administrator credentials.
2. Sign in to your on-premises Active Directory with your Enterprise Administrator credentials.
3. Configure the sign-in method (e.g., Password Hash Synchronization, Pass-through Authentication, Federation).
4. Click "Install" to begin the installation and configuration process.

Using Custom Settings

If you choose to customize, you will be guided through several configuration pages:

1. Required components: Ensure all required components are selected.
2. User sign-in: Choose your desired sign-in method.
3. Connect to Azure AD: Sign in to Azure AD.
4. Connect your directories: Add your on-premises Active Directory forest(s) and provide credentials.
5. Azure AD sign-in configuration: Configure how users will be identified in Azure AD.
6. Filter users and devices: Optionally filter which OUs or users are synchronized.
7. Optional features: Select additional features like Password writeback, Device writeback, Exchange hybrid deployment, etc.
8. Ready to configure: Review your selections and click "Install".

4. Installation Complete

Once the installation is complete, the Azure AD Connect wizard will show a confirmation screen. It's highly recommended to enable the "Start the synchronization process when configuration completes" option.

Post-Installation Tasks

• Verify Synchronization: Check the Azure AD Connect Synchronization Service Manager and the Azure AD portal to confirm that objects are synchronizing correctly.
• Configure Alerts: Set up email alerts for synchronization errors or other critical events.
• Explore Features: Familiarize yourself with optional features like Password Writeback, Device Writeback, and Group Writeback.
• Troubleshooting: Refer to the Troubleshooting Azure AD Connect documentation for common issues and solutions.

Next Steps

After successfully installing Azure AD Connect, consider configuring features such as:

• Password writeback
• Device writeback
• Seamless single sign-on (SSO)
• Conditional Access policies