Hi all! Today I will start a series of posts about how to update DirSync to AAD. For those who don’t know what AAD is: it is a new tool from Microsoft that simplifies synchronization between your on-premises directories and Azure AD, and also enables single sign-on to Office 365 and other applications.
Azure AD Connect includes all the advances and features of AAD Sync, such as:
- Enable your users to perform self-service password reset in the cloud with write-back to on premises AD
- Enable provisioning from the cloud with user write back to on premises AD
- Enable write back of “Groups in Office 365” to on premises distribution groups in a forest with Exchange
- Enable device write back so that your on-premises access control policies enforced by ADFS can recognize devices that registered with Azure AD. This includes the recently announced support for Azure AD Join in Windows 10.
- Sync custom directory attributes to your Azure Active Directory tenant and consume them from your cloud applications
So, if your question is: is DirSync being replaced by AAD? The answer is yes 🙂
The next thing to do, before installing anything, is to review the prerequisites:
- Active Directory domain – Windows Server 2003 or higher DC
- Machines – The machine on which the wizard is run (and sync will be configured) must be running Windows Server 2008 R2, 2012 or 2012 R2 and must be domain joined
- Credentials you will need – To run the wizard, you must be logged in as a domain account, not a local machine account. Windows Server Active Directory enterprise administrator credentials
- Azure Active Directory global administrator account – It is helpful to have a test user account created in Active Directory so that you can do a test sign-in upon completion of the configuration
- Azure AD – You will need one Azure AD tenant which you can use for the evaluation of this preview.
You will also need the following software to update from DirSync to AAD:
- Azure Active Directory Connect http://www.microsoft.com/en-us/download/details.aspx?id=47594
- Windows Management Framework 4.0 https://www.microsoft.com/en-gb/download/details.aspx?id=40855
- .Net 4.5.1 https://www.microsoft.com/es-ES/download/details.aspx?id=40773
| Objects in Active Directory | CPU | Memory | HDD size |
|---|---|---|---|
| Less than 10.000 | 1,6 GHz | 4 GB | 70 GB |
| 10.000–50.000 | 1,6 GHz | 4 GB | 70 GB |
| 50.000–100.000 | 1,6 GHz | 16 GB | 100 GB* |
| A full version of SQL Server is required for more than 100.000 objects | | | |
| 100.000–300.000 | 1,6 GHz | 32 GB | < 300 GB |
| 300.000–600.000 | 1,6 GHz | 32 GB | 450 GB |
| More than 600.000 | 1,6 GHz | 32 GB | 500 GB |
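To check how many objects we have in AD, we can use the following PowerShell (replace DC=domain,DC=local with your own domain's distinguished name; the search base must be the domain itself, because searching under CN=Schema,CN=Configuration only counts schema objects):
Import-Module ActiveDirectory
Get-ADObject -Filter {name -like '*'} -SearchBase 'DC=domain,DC=local' -ResultSetSize $null | Measure-Object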
In my case it was about 5k objects, so I was able to update without problems 🙂
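A pre-flight check for the prerequisites listed above, as an added example that is not part of the original post or of Microsoft's installer. The names Test-AadConnectPrereq and New-Check are made up for illustration, the domain-account test is a simple heuristic, and 378675 is the lowest registry Release value that indicates .NET 4.5.1.

```powershell
# Added example: checks the sync server against the prerequisites in this post.
# Uses only PowerShell 2.0-compatible syntax so it runs before WMF 4.0 is installed.
function New-Check($Check, $Passed, $Detail) {
    New-Object PSObject -Property @{ Check = $Check; Passed = [bool]$Passed; Detail = $Detail } |
        Select-Object Check, Passed, Detail
}

function Test-AadConnectPrereq {
    $os = Get-WmiObject Win32_OperatingSystem
    $cs = Get-WmiObject Win32_ComputerSystem

    # Windows Server 2008 R2 (6.1), 2012 (6.2) or 2012 R2 (6.3); ProductType 1 = workstation
    $ver  = [version]$os.Version
    $osOk = ($os.ProductType -ne 1) -and ($ver.Major -eq 6) -and ($ver.Minor -ge 1) -and ($ver.Minor -le 3)
    New-Check 'Supported server OS' $osOk $os.Caption

    # The machine must be domain joined
    New-Check 'Domain joined' $cs.PartOfDomain $cs.Domain

    # The wizard must be run as a domain account, not a local machine account
    $id = [Security.Principal.WindowsIdentity]::GetCurrent().Name   # DOMAIN\user
    New-Check 'Logged on with a domain account' ($id.Split('\')[0] -ne $env:COMPUTERNAME) $id

    # Windows Management Framework 4.0 ships PowerShell 4.0
    $psVer = $PSVersionTable.PSVersion
    New-Check 'WMF 4.0 or later' ($psVer.Major -ge 4) "PowerShell $psVer"

    # .NET 4.5.1 or later: Release value of at least 378675
    $key = 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full'
    $rel = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).Release
    New-Check '.NET 4.5.1 or later' ($rel -ge 378675) "Release=$rel"

    # Optional: compare the object count with the 100.000 line in the sizing table
    if (Get-Module -ListAvailable ActiveDirectory) {
        Import-Module ActiveDirectory
        # Without -SearchBase the search covers the current domain
        $count = (Get-ADObject -Filter * -ResultSetSize $null | Measure-Object).Count
        New-Check 'Under 100.000 objects (no full SQL Server needed)' ($count -lt 100000) "$count objects"
    }
}

Test-AadConnectPrereq | Format-Table -AutoSize
```

Run it on the server where the wizard will be installed; the object count row only appears when the ActiveDirectory module is available there.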
If you need more information, you can visit: https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect/