Microsoft Entra Blog
Bring identities from disconnected ADs into Azure AD with just a few clicks!

Alex_Simons
Dec 05, 2019

Howdy folks,

 

Today we’ve got some amazingly cool news to share.

 

If you work in a large enterprise, you probably already know how big the challenges can be when your company makes an acquisition and you suddenly get asked to provide cloud identity services to an entirely new business group, usually one with their own set of Active Directory domains and forests.

 

If this is a challenge you face, I’m excited to let you know about the public preview of Azure AD Connect cloud provisioning!

 

With cloud provisioning, customers can easily provision identities from multiple disconnected AD forests to Azure AD. Azure AD Connect cloud provisioning moves the heavy lifting of AD-to-Azure AD provisioning into the cloud, leaving only lightweight agents on-premises, and provides the following benefits:

  • Helps with provisioning from disconnected AD forests to Azure AD—Organizations may have disconnected AD forests due to mergers and acquisitions or remote office locations. Whatever the reason may be, cloud provisioning allows you to quickly integrate these multiple disconnected AD forests into an Azure AD tenant.
  • Reduces on-premises footprint—The provisioning agent is a lightweight agent with the sync complexity (configuration and processing) in the cloud.
  • Enterprise grade high availability—Multiple provisioning agents can be deployed to ensure high availability for provisioning especially for password hash sync.

Give cloud provisioning a try

Setting up cloud provisioning is a two-step process. The first step is to install the lightweight provisioning agent on a domain-joined Windows server (physical or VM). The second step is to configure cloud provisioning in the Azure portal.

Step 1: Install the provisioning agent

Before you install the Azure AD Provisioning agent, complete the prerequisites.

  1. In the Azure AD Connect experience, click Manage provisioning (preview).
  2. On a domain-joined Windows server, click the Download agent button to download the Azure AD provisioning agent.
  3. Follow the wizard steps to install the provisioning agent package.
  4. Once the agent is installed, you're ready to configure provisioning in the Azure portal.


Step 2: Configure cloud provisioning

  1. In the Azure AD Connect experience, click Manage provisioning (preview).
  2. Click + New configuration.
  3. Click Enable to apply the configuration.
  4. Save the configuration. AD changes are now provisioned to Azure AD every two minutes. For more guidance on how to get started, check out the Azure AD Connect cloud provisioning tutorials.
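Both steps above are portal clicks, so nothing in the procedure tells you whether the on-premises half actually came up. The following PowerShell health check is an added example, not code from the original post or from Microsoft; run it elevated on the agent server between Step 1 and Step 2. It confirms the server is domain-joined (the post's stated requirement), that the agent services are installed and running, records the account each service runs as (the identity that reads AD and, with password hash sync, password hashes, so it belongs in your least-privilege review), and tests outbound HTTPS reachability. The service names and the endpoint list are assumptions from memory of the agent prerequisites, not taken from this page, and must be checked against the current prerequisites documentation for your agent version.

```powershell
# Added example (not from the original post or Microsoft): post-install health
# check for the Azure AD Connect cloud provisioning agent. Run elevated on the
# domain-joined server where the agent was installed in Step 1.
#
# ASSUMPTIONS (verify against the current agent prerequisites before relying on them):
#   - The Windows service names of the agent and its updater.
#   - The outbound HTTPS endpoints listed below are representative, not exhaustive.

$AgentServices     = @('AADConnectProvisioningAgent', 'AADConnectAgentUpdater')  # assumed names
$RequiredEndpoints = @(                                                            # assumed list
    @{ Host = 'login.microsoftonline.com'; Port = 443 },
    @{ Host = 'login.windows.net';         Port = 443 }
)

function Test-ProvisioningAgentHealth {
    <#
    .SYNOPSIS
      Returns one result object per check with Check, Passed and Detail properties.
    #>
    [CmdletBinding()]
    param(
        [string[]]    $Services  = $AgentServices,
        [hashtable[]] $Endpoints = $RequiredEndpoints
    )

    $results = [System.Collections.Generic.List[object]]::new()

    # 1. The post requires a domain-joined server; the agent cannot read AD otherwise.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    $domainDetail = if ($cs.PartOfDomain) { $cs.Domain } else { 'workgroup machine; join the domain and reinstall' }
    $results.Add([pscustomobject]@{
        Check  = 'Domain joined'
        Passed = [bool]$cs.PartOfDomain
        Detail = $domainDetail
    })

    # 2. Agent services present and running, plus the account each runs as.
    #    That account is the on-premises identity that reads directory data,
    #    so it is the one to review for least privilege.
    foreach ($name in $Services) {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
        if (-not $svc) {
            $results.Add([pscustomobject]@{ Check = "Service $name"; Passed = $false; Detail = 'not installed' })
            continue
        }
        $results.Add([pscustomobject]@{
            Check  = "Service $name"
            Passed = ($svc.State -eq 'Running')
            Detail = "State=$($svc.State) StartMode=$($svc.StartMode) RunsAs=$($svc.StartName)"
        })
    }

    # 3. Outbound TCP reachability. An egress filter or proxy that blocks these
    #    leaves the agent installed but never reporting in to the tenant, and
    #    the portal side of Step 2 then has nothing to configure against.
    foreach ($ep in $Endpoints) {
        $tnc = Test-NetConnection -ComputerName $ep.Host -Port $ep.Port -WarningAction SilentlyContinue
        $egressDetail = if ($tnc.TcpTestSucceeded) { "via $($tnc.SourceAddress.IPAddress)" } else { 'TCP connect failed' }
        $results.Add([pscustomobject]@{
            Check  = "Egress $($ep.Host):$($ep.Port)"
            Passed = [bool]$tnc.TcpTestSucceeded
            Detail = $egressDetail
        })
    }

    return $results
}

# Usage: print the report and fail the script if any check did not pass.
$report = Test-ProvisioningAgentHealth
$report | Format-Table -AutoSize
if ($report | Where-Object { -not $_.Passed }) {
    Write-Warning 'One or more checks failed; fix them before configuring provisioning in the portal (Step 2).'
    exit 1
}
```

If the service checks pass but egress fails, the usual cause is an outbound proxy that the agent's service account is not configured to use; fix the proxy or firewall rule first, since the agent otherwise installs cleanly and simply never shows up in the portal.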

 

Now that you’re familiar with cloud provisioning, let’s take a look at what features are currently supported.

Azure AD Connect cloud provisioning capabilities

Azure AD Connect cloud provisioning public preview supports the following capabilities:

 

To learn more, check out the Azure AD Connect cloud provisioning documentation.

Let us know what you think

We’re just getting started and would love to get your feedback on the current set of capabilities and what more you need. Please give us your feedback in our Azure AD UserVoice feedback forum or in the comments below. We look forward to hearing from you!

Best regards,

Alex Simons ( @Alex_A_Simons )

Corporate VP of Program Management

Microsoft Identity Division

Updated Jul 24, 2020
Version 7.0

38 Comments

  •
    Peter Stapf
    Brass Contributor

    I also get this error, but if I tried it again (save again), it worked.

  •
    Richard Innes
    Brass Contributor

    I tried to configure this in my lab environment this morning and get an error when creating the provisioning task.

     

    Cloud provisioning configuration
    An unexpected error occurred. Please refresh and try again. Request id: b52590ef-ca33-405c-b089-37f1d096d75e, Time: 2019-12-06T10:15:19
  •
    Peter Stapf
    Brass Contributor

    Great work for the early stage. I see two pain points that should be addressed very quickly in order to implement that at customers:
    1. Support sync of devices, otherwise we are not able to do hybrid AAD join of devices when using PHS/SSO.
    2. Support writeback of passwords, otherwise we cannot use Azure SSPR, which is a requirement also to go password-less.
    A smaller pain point is the support for synchronizing nested groups, because lots of customers have nested groups as they followed the good old on-prem AD "rules" and do AGDLP (or AGLP) 😉
  •
    Ron Argame
    Copper Contributor

    Nitika Gupta  Thanks for the reply. Will there be an option to have HA on Azure AD Connect? Having 300K+ objects to sync from on-premises AD to Azure AD is really a big downtime if you only have one Azure AD Connect (excluding the staging).

     

    Can we replace Azure AD Connect with this?

  • Ron Argame  - This is a great scenario which we currently do not support. In the current co-existence model, the user must be in scope for only one tool (either sync or cloud provisioning).

  •
    Ron Argame
    Copper Contributor

    Can we use this as another Azure AD Connect as our HA strategy?