By Achilleas Eleftheriou – Technical Manager
Most companies that use Microsoft 365 run a hybrid installation: they also have an on-site Active Directory, which remains the main store of identity data.
This guide to integrating Active Directory with Microsoft 365 shows how local AD information can be combined with your Microsoft 365 environment using native Microsoft resources.
To achieve that, Microsoft offers Azure Active Directory Connect, a relatively lightweight system running on a database in your office or datacenter, which lets you synchronize identity information from your on-prem Active Directory to Microsoft Azure AD.
Installing and Configuring Azure AD Connect
To use Azure AD Connect, take the following steps:
Figure 1. The Azure AD Connect Express Settings screen
I recommend deselecting the “Start the synchronization process as soon as configuration completes” checkbox. You’ll want to filter which parts of the directory get synchronized anyway, and when you uncheck this box, the wizard configures the sync service itself but leaves the scheduler disabled. Once you have completed your filtering, you’ll re-run the installation wizard to enable the scheduler.
If you are running Exchange locally, check the box to enable a hybrid Exchange deployment. This will enable a few more directory attributes to sync, which will serve you well when it’s time to run the Exchange Hybrid Configuration Wizard, as explained in the next section.
Customizing what gets synchronized
It makes sense to synchronize only those directory objects that can be used in Microsoft 365. If there is practically nothing you can do with an object in the cloud, there is no reason to sync it, and you don't want a lot of service accounts and other items littering your Microsoft 365 directory.
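
One way to decide which containers to filter, as an added example that is not part of the original article: the PowerShell below flags accounts that are disabled, carry a service principal name, or lack a UPN in your verified domain, and totals them per container. The function name Get-SyncFilterReport, the example.com domain and the sample accounts are constructed for illustration; the commented Get-ADUser call assumes the RSAT ActiveDirectory module is installed.

```powershell
# Added example, not from the article: flag accounts with little use in
# Microsoft 365 and total them per container to guide OU-based filtering.
function Get-SyncFilterReport {   # hypothetical helper name
    param([Parameter(Mandatory)] [object[]] $Users,
          [Parameter(Mandatory)] [string]   $VerifiedSuffix)
    $rows = foreach ($u in $Users) {
        $reasons = @()
        if (-not $u.Enabled)         { $reasons += 'disabled' }
        if ($u.servicePrincipalName) { $reasons += 'has SPN' }
        if ($u.UserPrincipalName -notlike "*@$VerifiedSuffix") { $reasons += 'UPN suffix' }
        # Parent container: the DN minus its first RDN (split on an unescaped comma)
        [pscustomobject]@{
            Container = ($u.DistinguishedName -split '(?<!\\),', 2)[1]
            Account   = $u.SamAccountName
            Reasons   = $reasons -join ', '
        }
    }
    $rows | Group-Object Container | ForEach-Object {
        $flagged = @($_.Group | Where-Object { $_.Reasons })
        [pscustomobject]@{
            Container = $_.Name
            Users     = $_.Count
            Flagged   = $flagged.Count
            Accounts  = ($flagged | ForEach-Object { "$($_.Account) [$($_.Reasons)]" }) -join '; '
        }
    } | Sort-Object Flagged -Descending
}

# Constructed sample objects. Against a real domain (assumes the RSAT
# ActiveDirectory module) use instead:
#   $users = Get-ADUser -Filter * -Properties servicePrincipalName
$users = @(
    [pscustomobject]@{ DistinguishedName = 'CN=Ana Ruiz,OU=Staff,DC=example,DC=com'
        SamAccountName = 'aruiz'; Enabled = $true
        UserPrincipalName = 'aruiz@example.com'; servicePrincipalName = @() }
    [pscustomobject]@{ DistinguishedName = 'CN=Old Temp,OU=Staff,DC=example,DC=com'
        SamAccountName = 'otemp'; Enabled = $false
        UserPrincipalName = 'otemp@example.com'; servicePrincipalName = @() }
    [pscustomobject]@{ DistinguishedName = 'CN=Svc\, SQL,OU=Service Accounts,DC=example,DC=com'
        SamAccountName = 'svc-sql'; Enabled = $true
        UserPrincipalName = 'svc-sql@example.local'
        servicePrincipalName = @('MSSQLSvc/db01.example.local:1433') }
)
Get-SyncFilterReport -Users $users -VerifiedSuffix 'example.com' | Format-List

# On the sync server: confirm the scheduler is still disabled while filtering.
if (Get-Module -ListAvailable -Name ADSync) { (Get-ADSyncScheduler).SyncCycleEnabled }
```

Containers where every user is flagged are natural candidates to leave out of synchronization, while mixed containers call for a closer look at the listed accounts.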