How to Sync On-premise AD with Windows Azure AD using Azure AD Sync tool

1. Create Azure AD and Activate Azure AD Sync

• Login to windows azure management console, from the left hand bottom portion of the menu click "New".
• Now a new page opens, in which navigate to NEW > APP SERVICES > ACTIVE DIRECTORY > DIRECTORY and click CUSTOM CREATE as shown below,

• Now in the Azure AD creation page provide the values as shown in the below screenshot,

• Now Azure AD has been successfully created.

• To activate the Azure AD Sync for the created AD, from the left pane select Active Directory, then in the Active Directory page, click the Azure AD and select the DIRECTORY INTEGRATION menu. Then click ACTIVATED and finally click SAVE to confirm the changes.

• Now Azure AD Sync has been activated successfully.

2. Download and Install Azure AD Sync tool in on-premise AD

• From your on-premise windows server, login to windows azure management console.
• Now from the left pane select Active Directory, then in the Active Directory page, click the Azure AD and select the DIRECTORY INTEGRATION menu.
• In the DIRECTORY INTEGRATION menu, scroll to bottom section and download the Directory Sync tool as shown below,

After downloading the Azure AD Sync tool proceed with the installation steps as shown below,

• Welcome page provides detail on Azure Active Directory Sync tool, click next to proceed.

• Accept the license agreement to proceed with installation.

• Select the installation folder for Azure Active Directory Sync tool,

• Now the installation begins.

• Now the installation is completed.

• Click Finish to start the configuration wizard.

3. Configure Azure AD Sync tool in on-premise AD

After installing the Azure AD Sync tool proceed with the configuration steps as shown below,

• Configuring Azure AD Sync tool will establish synchronization between the on-premise AD and Azure AD.

• Provide the credentials of user account with administrator permissions for Azure AD for allowing the changes from on-premise AD to synchronize with Azure AD.

• Now provide the credentials of user account with administrator permissions in on-premise AD to grant the permission for Azure AD Sync tool to synchronize the changes in on-premise AD with Azure AD.

• Enable hybrid deployment allows some Active Directory object attributes that are modified in Office 365 to be written back to your local AD. This is a requirement for some Office 365 functionality, such as email. If you don't have Exchange (Exchange 2010 Sp1 or above) in your local environment, this option will be greyed out. In my environment, I don't have Exchange Server so this option is greyed out.

• Enable Password Sync option to synchronize the password of users in on-premise AD with Azure AD for single sign-on.

• Now the configuration begins.

• Now the configuration is completed.

• Now click Finish to initiate the synchronization between on-premise AD and Azure AD.

4. Testing Sync between on-premise AD and Azure AD

Now comes the interesting part, as we always feel better to taste (test) than cook (configure). So let's taste the dish which we have prepared in the previous section.

• Now I create a test user account in on-premise AD as shown below,

• To confirm the sync between on-premise AD with Azure AD, now I login to windows azure management console and navigate to Active Directory > Azure AD > Users. In the Users list, now I confirm that the user account created in on-premise AD is synchronized with Windows Azure AD as shown below,

Thus we have synchronized the on-premise AD with Windows Azure AD using Azure AD Sync tool.