New Office 365 directory synchronization tool shipped called Azure Active Directory Synchronization Services

Good news is this long awaited tool has finally shipped and it looks like this is the one tool to leverage for synching local identities to the Azure AD for use with Office 365 Education, Azure services, etc.

image

I put together a quick FAQ about the new AAD Sync tool to help with this launch:

 

Does this replace the Dirsync or AAD Dirsync tool I use today with Office 365 Education?  

Yes and no. Long term AAD Sync is slated as a replacement for the Dirsync/AAD Dirsync tool you may have deployed already. However, you can remain on Dirsync/AAD Dirsync as this will continue to be supported for some time.

Updated (10-30-14):   AAD Sync now provides local AD password synchronization to Azure AD

 

How can I move from Dirsync/AAD Dirsync/FIM to AAD Sync?

The good news is it is relatively easy to replace your existing sync tool with AAD Sync. You can simply uninstall the sync tool on the server you had it on and install AAD Sync or you can stand up a new AAD Sync server in parallel.

See here for steps.

 

What does AAD Sync do that Dirsync/AAD Dirsync does not?

  • Multi-forest AD Sync
  • Multi-Exchange Org support
  • Non-AD directory sources single or multiple for sync (SIS, Open LDAP, etc) – coming soon
  • Better attribute and filtering capabilities based on cloud services you require

 

What are some scenarios that I could use AAD Sync in education?

There are several use case scenarios I can see for AAD Sync in education including:

  • Open LDAP syncing directly to the cloud (e.g. students)
  • Oracle/SQL/Other directory data sources like SIS syncing directly to the cloud
  • One forest for students and one forest for faculty/staff but want one tenant to sync to
  • Account/Resource forest
  • Multiple colleges with multiple Exchange Orgs and AD Forests wanting to collapse into one tenant

 

Is there a place I can go to see all the feature differences between FIM, Dirsync and AAD Sync?

image

Yes, see the full matrix here.

 

Does this replace the need for FIM synching to Azure AD?

Yes, it can replace this need for syncing identities to Azure AD only for multi-forest and non-AD directory scenarios.  It will not replace the need to sync on prem to on prem identities like FIM/MIM can do today.

 

Does AAD Sync work well with Azure AD Basic and Azure AD Premium?

Yes, it has plenty of additional sync features to leverage the new Azure AD Basic and Azure AD Premium skus. See here for more info.

 

Where can I go find more details on AAD Sync?

Please visit here and the FAQ here.

 

Where can I download AAD Sync bits?

You can grab the AAD Sync bits here.

 

Watch a great Garage Series video here on identity options including installing Azure AD Sync and preparing your local AD for sync with IDFIX tool:

image