1. Force Synchronization
Welcome to Section Ten. Implementing identity synchronization For the first video, we are going to force the synchronization. So what are the four synchronization requirements? First thing, Active Directory Connect can take up to 30 minutes for the sync. And we cannot wait. PowerShell is the best option for synchronization in Atlanta. So every change and every upgrade you do on Premed will be synchronized very quickly and reliably with Office 365 or Microsoft 365. But the following are the requirements: First, you need to run PowerShell as an administrator. And second, you need to run it on the machine where you have Asia Ad Connect installed.
So, go to the domain controller that has Azure Ad Connect installed. I am back on the server that has Azure Ad Connect installed. It was the same server that we used on the last video. I will now start PowerShell as the administrator. Run as administrator by right-clicking. So you run the next command. Import module ad sync and type enter. Now run the command to start the cycle. But first, I’m going to clear the screen. The command for starting the cycle is start ad sync sync cycle policy delta. The policy delta switch means it is used so that only the updates are synchronized. That includes only the new items that I configured or added as new.
So I will type Enter, and you can see that the result is success. So I managed to update all of my changes to the tenant in the on-premises system. Sync Types There are two sync types. We already did the first one with the delta type, which imports and exports to all connectors. The second one is the policy type initial, which is a false thing. It’s adding more objects or attributes to be imported to the source directory, making changes to the sync rules, and making changes to filtering. So that means that everything with the initial option is synchronized with the tenant. It was all for the sake of force synchronization. In the next video, we will validate the results of directory synchronization.
2. Validate the Results of Directory Synchronization
Validate the results of directory synchronization. So switch to the Portal Office as the admin account. On PortlandOffices.com, click on “Admin” and go to the “active users.” Let’s see for ourselves. Did it synchronize as it should? So here are tests one, two, and three. As you can remember, we did it in the last video, where we synchronized the on-premises users from the active directory on the server to the tenants that we have here on Microsoft 365.
So you can see here that the new users are unlicensed. The first thing you need to do is licence these users. So for the first one, I’ll select the test and select the three points here for more options, and then click Manage Product License. So the first thing you need to do after the synchronization is add them to the licence you have. So, first, select the location. I’ll select my partially heterogeneous location, and as the licence that you can use on your tenant, I’ll select Enterprise and Mobility, and I’ll select Microsoft 365 for Business, before clicking Save Changes. I applied the licence to the user, so now the users have the tools and features that Microsoft 365 provides. As you can see, now the user has added the licence to the account.
So if you want to use it for more users, you can select the “book” option. I selected these two, and I can now manage the product licence for the two users and the existing product licence requirements. And I’ll go with Enterprise mobility. Security. I will just enter Maxwell 365 for Business, and this is all, and click Add. And I added the licence for the two users. So the first thing you need to do, remember, is add all the users and all the objects that need to be provided with the licence to the other credit license. So close. This was a quick one, a successful synchronization of on-premises users to cloud users that we can now configure. So on the next video, we will see how to deploy the Asia Ad Path through authentication.
3. Deploy Azure AD Pass-Through Authentication
Install Azure ad pass-through authentication. What is Azure Active Directory pass-through authentication? Azure Active Directory pass-through authentication allows your users to sign into both on-premises and cloud-based applications using the same passwords. This feature provides your users a better experience with one less password to remember and reduces help desk costs because your users are less likely to forget how to sign in. When users sign in using Azure AD, this feature validates the user’s passwords directly against your on-premises Active Directory. So, go to the domain controller that has Azure Ad Connect installed.
So on your domain, where you installed the Azure Ad Connect, I will launch it again because it’s running and synchronizing, as we did in the previous tasks. I will click on Configure, and I will set a new option, Change User Sign In. I will click on it. I will click next. Provide a password for the Microsoft 365 tenant. Next, it’s signing in, and there’s the option to pass through authentication. I will select it. But first, I will go to my Portal Office and see for myself if it’s enabled or disabled from the Asia Console. So I will connect to the Portal office. I’ll start with administration and then move on to Asia. So I’ll run it on the left side, down there as your Active Directory, and we’ll see what happens. How does it look in your Active Directory?
When you click on it, you’ll see an option that says, “Let me just see it.” Asia Ad Connect is disabled, and the pass-through authentication is disabled, but I will take it online with the option “On Premises Server.” So pass through authentication and click Next. Now, on the Enable Single Sign-on page, I will enter the credentials that are the admincredentials traitor and the password for it. The credentials are correct, and I will click Next. checking for the installed components, waiting a couple of seconds. Once you click Configure, we will do the following: configure PKMs on the macro ad connector for the domain controller to authenticate the agent for pass-through authentication. I’ll enable pass-through authentication, managed authentication, and single sign-on, then click configure, and the configuration will be complete. I will click Exit, and I will go now to check. Is pass-through identification now enabled? On our Asia advertising link. I will refresh the Asia Active Directory site and see it for ourselves. Ad Connect Asia The pass-through authentication is enabled, and the agent is online. But it wants to tell us something. Please install three or more authentication agents for high availability. This means I need to install more agents to administer it and monitor the pass-through authentication.
And at the end of the summary, we really had a lot of sections. The first one was creating the tenant. The second one was configuration. Your Microsoft 365 tenant Then there was configuring Office ProPlus. Then there was Office 365 with group policy objects and telemetry for user security. The best fund we had was at the tenant administration, but subscriptions and rights management were also good. The next one was monitoring and service help, then managing your Microsoft 365 environment using Windows PowerShell. Before the end, we are setting up the identity synchronization, and at the end, we are implementing the identity synchronization. So, in the end, I really enjoyed teaching it, and I hope you learned a lot of useful information that will help you pass the MS 100 exam. So, guys, good luck to all of you with the exam, and I hope that my tutorial helped you. So thank you, and good luck to all of you.