Enterprise Mobility and Security Blog


Howdy folks,

I’m happy to announce that our new Azure Active Directory Synchronization Services (AAD Sync) has reached general availability. As I’ve blogged about previously, AAD Sync is our new “one sync to rule them all”. It greatly simplifies the process of connecting Azure AD to Windows Server AD, including making it simple to connect complex, multi-forest deployments. It also enhances the single forest capabilities.

If you just want to get started, just click here to download AAD Sync.

AAD Sync capabilities in this release include the following;

  • Active Directory and Exchange multi-forest environments can be extended now to the cloud.
  • Control over which attributes are synchronized based on desired cloud services.
  • Selection of accounts to be synchronized through domains, OUs, etc.
  • Ability to set up the connection to AD with minimal Windows Server AD privileges.
  • Setup synchronization rules by mapping attributes and controlling how the values flow to the cloud.
  • Preview AAD Premium password change and reset to AD on-premises.

This is just the beginning. Moving forward, we will continue to enhance the capabilities of AAD Sync. Multi-forest support for Password Synchronization is coming next. Subsequent releases will include extended attributes, write-back of users, devices and groups, as well as support for non-AD directories.

And as always, we would love to hear and feedback or suggestions you have. You can reach out to us through the Windows Azure AD Forum.

Best regards,

Alex Simons (twitter: Alex_A_Simons)

Director of Program Management

Active Directory