Forum Discussion

Mats Warnolf's avatar
Mats Warnolf
Brass Contributor
Mar 09, 2017

Agent for Identity Manager to sync to Azure AD

I colleague asks if there is a way to use MIM/FIM to sync to Azure AD? I recall that there used to be a FIM agent that you used in multi-forest scenarios.  Today AAD Connect handles multi-forest. ...
Azure AD
Identity Management
microsoft 365
Max Fritz's avatar
Max Fritz
Iron Contributor
Mar 14, 2017

Everyone is right that it is possible. That being said, the official recommendation is to deploy a seperate instance with Azure AD Connect. The features that get rolled into and released to Azure AD Connect often are unavailable using the Azure AD MA with MIM.

 

More details on what's supported here: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-hybrid-identity-design-considerations-tools-comparison

BrjannBrekkan's avatar
BrjannBrekkan
Icon for Microsoft rankMicrosoft
Apr 05, 2017

Yes highly recommended to run Azure AD Connect as your identity bridge between on premises and cloud as it is frequently updated in sync with updates in Azure AD as well as in Office 365 in hybrid mode. In a FIM/MIM instance these frequent updates on the connector could make updates/changes that affect other connectors and more often than not organizations really dont want to touch their configured connectors and sync schedules.

 

So yes the best practice is to have Azure AD Connect be your connection between AD and Azure AD.

 

Brjann

 

 

Resources