(65) Setup Azure AD Connect with Express Settings
- Mr B SOE way
- May 18, 2023
Sometime last year, I posted https://soeintunedevice.wixsite.com/home/post/17-setup-azure-ad-connect-on-home-lab about setting this up. As I got a new PC a few months ago and had the time to rebuild my server again, I decided to redo the setup for Azure AD Connect on my lab server.
The steps are as follows:
1. Download the connector from https://www.microsoft.com/en-us/download/details.aspx?id=47594

2. Run the installer on the new server, select "I agree to the license terms and privacy notice" then select Continue.

3. Select "Use Express Settings" to get the Microsoft AAD Sync Account automatically created.

4. To connect to Azure AD, log in with an account that has Global Administrator or Hybrid Administrator rights, then select Next.

5. Enter the credentials for the administrator that is on-prem.

6. Select "Start the synchronization process when configuration completes". Then select Next.

7. If you do encounter this error, you can view the logs.

The synchronisation service account for Azure Active Directory is created during this process. It is named "On-Premises Directory Synchronization Service Account".

8. To resolve the issue, navigate to https://portal.azure.com, then Users, and check the user sign-ins (non-interactive).

Running "What If" against the service account shows which Conditional Access (CA) policies are blocking it.

9. Select Retry, and it will be completed.

10. Navigate to https://portal.azure.com, then select Azure Active Directory Connect Health. We can see that the health service is up and running,

and the correct version is installed.

11. On the server that has AADC installed, double-click Azure AD Connect. Select Configure, then select Customize synchronization options. Follow the wizard; whether to synchronize all OUs is optional.
I have updated to only do selected OUs.

Under Optional features, select "Password writeback".

To ensure this works, make sure SSPR (self-service password reset) has been set up. It can be set to Selected or All.

Existing users will need to register,
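
The check from steps 7 and 8, as an added example that is not part of the original post: a Python script that reads sign-in records exported as JSON and lists which Conditional Access policies failed for the sync account, separating enforced policies from report-only ones. The field names follow the Microsoft Graph signIn resource; the records and policy names are constructed sample data, and `blocking_policies` is a hypothetical helper name.

```python
import json
from collections import Counter

# Display name of the sync account, as quoted on this page.
SYNC_ACCOUNT = "On-Premises Directory Synchronization Service Account"

def _rec(user, policies):
    """Build one constructed sign-in record in the Graph signIn shape."""
    return {"userDisplayName": user,
            "appliedConditionalAccessPolicies":
                [{"displayName": n, "result": r} for n, r in policies.items()]}

# Constructed sample export (policy names are made up for illustration).
SAMPLE_EXPORT = json.dumps([
    _rec(SYNC_ACCOUNT, {"Require MFA for all users": "failure",
                        "Block legacy authentication": "notApplied"}),
    _rec(SYNC_ACCOUNT, {"Require MFA for all users": "failure",
                        "Require compliant device": "reportOnlyFailure"}),
    _rec("Constructed Test User", {"Block legacy authentication": "failure"}),
    _rec(SYNC_ACCOUNT, {"Require MFA for all users": "notApplied",
                        "Require compliant device": "reportOnlyFailure"}),
])

def blocking_policies(export_json, account=SYNC_ACCOUNT):
    """Return (enforced, report_only) Counters of CA policies failing for `account`."""
    enforced, report_only = Counter(), Counter()
    for rec in json.loads(export_json):
        if rec.get("userDisplayName") != account:
            continue  # only the sync service account is of interest here
        for pol in rec.get("appliedConditionalAccessPolicies") or []:
            name = pol.get("displayName", "<unnamed>")
            if pol.get("result") == "failure":
                enforced[name] += 1        # policy is on and blocked the sign-in
            elif pol.get("result") == "reportOnlyFailure":
                report_only[name] += 1     # would block once switched to "On"
    return enforced, report_only

if __name__ == "__main__":
    enforced, report_only = blocking_policies(SAMPLE_EXPORT)
    for name, n in enforced.most_common():
        print(f"BLOCKING     {name}: {n} sign-in(s)")
    for name, n in report_only.most_common():
        print(f"REPORT-ONLY  {name}: {n} sign-in(s)")
```

Report-only hits matter for the same account: a policy listed there will start blocking synchronization as soon as it is enforced, unless the sync account is excluded from it first.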
