Microsoft Office 365 - Configure Active Directory Sync - RSA Ready SecurID Access Implementation Guide

Document created by RSA Information Design and Development on Jun 19, 2019Last modified by RSA Information Design and Development on Feb 7, 2020
Version 7Show Document
  • View in full screen mode

Sync your on-premesis Active Directory users with Azure Active Directory.


1. Install the following components on a domain joined server (not domain controller):

  • Microsoft Online Services Sign-In Assistant for IT Professionals RTW
  • Windows Azure Active Directory Module for Windows PowerShell
  • Microsoft Azure Active Directory Connect

2. On the Microsoft Azure Active Directory Connect User Sign-In page, select your user's sign-in method and click Next.

Note:  For more information, refer to Microsoft article Azure AD Connect user sign-in options.

3. Enter your Azure AD credentials and click Next.

4. Enter the connection information for your on-premises directories or forests and click Next.

5. Select userPrincipalName as the onpremist attribute to use as the Azure AD username and click Next.

6. Choose to Sync all domains and OUs or Sync selected domains and OUs (and specify them) and click Next.

7. Configure the Uniquely identifying your users settings and click Next.

  1. Select how users should be identified in your on-premises directories.
  2. Select how users should be identified with Azure AD

Note:  SOURCE ANCHOR - sourceAnchor is an immutable attribute that acts as the primary key linking the on-premises user with the Azure AD user.  A good candidate value for this attribute is objectGUID.

8. Choose to synchronize all users and devices or choose a subset and click Next.

9. Select any desired optional features and click Next.

10. Configure Azure AD app restriction (if needed) and click Next.

11. Add the following attributes to the Selected Attributes window and click Next.

  • sAMAcountName
  • userPrincipalName
  • objectGUID (user)
  • objectGUID (group)
  • mail
  • displayName

12. Mark the checkbox Start the synchronization process as soon as the configuration completes and click Install.

13. Verify your federation configuration and click Verify.


Browse to the Configuration Summary for steps to integrate SecurID Access with Office 365.