Sync your on-premises Active Directory users with Azure Active Directory.
Procedure
1. Install the following components on a domain-joined server (not a domain controller):
- Microsoft Online Services Sign-In Assistant for IT Professionals RTW
- Windows Azure Active Directory Module for Windows PowerShell
- Microsoft Azure Active Directory Connect
2. On the Microsoft Azure Active Directory Connect User Sign-In page, select your users' sign-in method and click Next.
Note: For more information, refer to Microsoft article Azure AD Connect user sign-in options.
3. Enter your Azure AD credentials and click Next.
4. Enter the connection information for your on-premises directories or forests and click Next.
5. Select userPrincipalName as the on-premises attribute to use as the Azure AD username and click Next.
6. Choose to Sync all domains and OUs or Sync selected domains and OUs (and specify them) and click Next.
7. Configure the Uniquely identifying your users settings and click Next.
- Select how users should be identified in your on-premises directories.
- Select how users should be identified with Azure AD.
Note: SOURCE ANCHOR - sourceAnchor is an immutable attribute that acts as the primary key linking the on-premises user with the Azure AD user. A good candidate value for this attribute is objectGUID.
8. Choose to synchronize all users and devices or choose a subset and click Next.
9. Select any desired optional features and click Next.
10. Configure Azure AD app restriction (if needed) and click Next.
11. Add the following attributes to the Selected Attributes window and click Next.
- sAMAccountName
- userPrincipalName
- objectGUID (user)
- objectGUID (group)
- displayName
12. Mark the checkbox Start the synchronization process as soon as the configuration completes and click Install.
13. Verify your federation configuration and click Verify.
Browse to the Configuration Summary for steps to integrate SecurID Access with Office 365.
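A pre-sync check for the attributes selected in steps 5, 7 and 11, as an added example that is not part of the original procedure or any vendor tooling. The function name `Test-SyncReadiness` and the sample users are constructed for illustration; the Base64 form shown for `SourceAnchor` assumes objectGUID was chosen as the source anchor.

```powershell
# Added example: flag users whose attributes would cause sync or sign-in problems.
# Test-SyncReadiness is a hypothetical helper; the sample data below is constructed.
function Test-SyncReadiness {
    param([Parameter(Mandatory)][object[]]$Users)

    # userPrincipalName becomes the Azure AD username, so it must be unique.
    # Group-Object compares case-insensitively by default.
    $dupUpns = @($Users | Where-Object { $_.userPrincipalName } |
        Group-Object -Property userPrincipalName |
        Where-Object { $_.Count -gt 1 } |
        ForEach-Object { $_.Name })

    foreach ($u in $Users) {
        $issues = @()
        foreach ($attr in 'sAMAccountName', 'userPrincipalName', 'displayName') {
            if ([string]::IsNullOrWhiteSpace($u.$attr)) { $issues += "missing $attr" }
        }
        if ($u.userPrincipalName -and $dupUpns -contains $u.userPrincipalName) {
            $issues += 'duplicate userPrincipalName'
        }

        # An objectGUID source anchor is stored as the Base64 encoding of the GUID bytes.
        $anchor = $null
        if ($u.objectGUID) {
            $anchor = [Convert]::ToBase64String(([guid]$u.objectGUID).ToByteArray())
        } else {
            $issues += 'missing objectGUID'
        }

        [pscustomobject]@{
            sAMAccountName = $u.sAMAccountName
            SourceAnchor   = $anchor
            Issues         = $issues -join '; '
        }
    }
}

# Constructed sample users: one clean, two sharing a UPN (one also lacks displayName).
$sample = @(
    [pscustomobject]@{ sAMAccountName = 'alice'; userPrincipalName = 'alice@example.com'; displayName = 'Alice A'; objectGUID = '11111111-2222-3333-4444-555555555555' }
    [pscustomobject]@{ sAMAccountName = 'bob';   userPrincipalName = 'bob@example.com';   displayName = 'Bob B';   objectGUID = '66666666-7777-8888-9999-aaaaaaaaaaaa' }
    [pscustomobject]@{ sAMAccountName = 'bob2';  userPrincipalName = 'BOB@example.com';   displayName = '';        objectGUID = 'bbbbbbbb-cccc-dddd-eeee-ffffffffffff' }
)
Test-SyncReadiness -Users $sample | Format-Table -AutoSize

# Against a live domain (requires the ActiveDirectory module):
# Test-SyncReadiness -Users (Get-ADUser -Filter * -Properties displayName)
```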