sync on-premises AD Server with MS-Azure AD Server

Configuring the Internet Domain Name for use with Azure Active Directory

1. Navigate to https://manage.windowsazure.com on your browser
    
2. Select ACTIVE DIRECTORY found near the bottom of the right hand side menu 
    
   
3. In the Active Directory window, click your provided Directory Name
    
4. In the Directory window, click DOMAINS found in the top menu
    
   
5. Click the ADD button located in the menu at the bottom of the page
    
6. On the ADD DOMAIN page, enter the Internet Domain Name to be utilized for the sync
    
   
7. Click the checkmark box enabling the ability for single sign-on with your local Active Directory
    
8. Click ADD to complete the task of adding the domain

Step 2: Configuring the Internet Domain Name for use with Azure Active Directory

1. Return back to the ACTIVE DIRECTORY window
    
2. Select DIRECTORY INTEGRATION found in the top menu
    
   
3. Select ACTIVATED
    
4. Click SAVE located in the menu at the bottom of the page
    

Step 3: Configuring the sync of the on premise AD users and passwords to Azure Directory

1. Download the Azure Active Directory Sync Tool
    
2. Install the Azure Active Directory Sync Tool on a domain controller with Administrative rights
    
   Note: The Azure Active Directory Sync Tool can be installed on a domain joined computer. The sync will fail however if the computer is disabled.
    
3. On the first Azure Active Directory Sync Setup window, click Next
    
4. On the next window, Accept the Terms and click Next
    
5. On the next window, specify the installation path or leave the default and click Next
    
6. Click Next once the installation is complete
    
7. On the first Azure Active Directory Sync Configuration Wizard window, click Next
    
8. On the next window, provide your Microsoft Azure credentials and click Next 
    
    
9. On the next window, provide your administrative Windows Active Directory credentials and click Next
    
   
    
   Note: It is recommended to use a service administrative account instead of an administrators account should said administrator leave the organization
    
10. Enable Hybrid Deployment by clicking the provided box click Next
     
    Note: Various Microsoft Online Services such as Office 365 provide features that work best when certain directory information can be controlled by the online service. Directory objects, such as users, are synchronized from your on-premises directory are modified in the Azure Active Directory. These changes are then written back to your on-premises directory for on-premises applications to consume.  The Directory Sync tool will not be given the permission to modify all attributes in your directory. Only those attributes that can be written back from Azure Active Directory will have permission to be modified. This step is not crucial for this lab however will be required in future labs.
     
11. Enable Password Sync by clicking the provided box and click Next 
    
12. Click Next to complete the installation
     
13. Ensure Synchronize your directories is selected and click Finish