现有的AD服务器和azure 365 [英] existing AD server and azure 365

问题描述

大家好 

我刚刚接管了一个网站，我有一个AD-DC和电子邮件是o365，如果我进入azure广告365，我可以看到我的所有广告帐户。 

我想安装和设置广告同步，主要用于本地广告和电子邮件帐户之间的密码同步。目前有大约20个用户，并且快速增长，所以希望尽快排序。

如果我安装同步工具，我可能会破坏什么？在设置和开始同步之前我需要做什么...我假设o365中的电子邮件密码将更改为本地AD密码..

希望这样做很好尽可能顺利， 

感谢您的输入

Cliff

解决方案

Hello  Cliff-NZ ， 

从你提到的内容我知道你有一个内部部署的环境，用户在内部部署有两个帐户，另一个是在云中为他们手动创建的电子邮件帐户。如果不是这种情况，则以下建议
可能不适用。 

• 阅读文章  https://docs.microsoft.com/en-us/azure/active-目录/ hybrid / how-to-connect-install-existing-tenant

• 首先，我建议安装一个内部部署中的其他域控制器，并为其进行系统状态备份。
  
• 使用任何
  脚本或从Azure AD导出用户详细信息的任何其他方式。
  
• 您获得的azure AD用户的数据需要用于向相应的内部部署帐户添加一些信息，以便同步引擎可以执行
  
  软匹配。
  请在此处详细了解软匹配。 
• 确保在本地活动目录中相应用户帐户的proxyaddresses属性中的邮件和主SMTP地址中添加电子邮件地址。 
• 现在创建一个新的服务器/ VM来安装
  Azure AD连接同步工具。 
• 使用 staging mode 首先如果有任何错误，你可以在生产中调整它之前查看并修复它。 
• 一旦确定对象服务器上的对象正确匹配，就可以从Azure AD连接向导启用nromal模式。 

希望信息有所帮助。  

Hi All 

I have just taken over a site and I have one AD-DC and emails are on o365, if I go into azure ad 365 I can see all my ad accounts. 

I would like to install and set up the ad sync mainly for password sync between local Ad and the email accounts. currently have about 20 users, and rapidly growing so would like to get sorted sooner than later.

if I install the sync tool, what am I likely to break? what do I need in place before I setup and start syncing... I assume the password for email in o365 will change to the local AD passwords..

would like this to go nice and smooth as possible, 

thanks for your input

Cliff

解决方案

Hello Cliff-NZ, 

From what you have mentioned I understand that you have an on-premise environment and users have two accounts one in on-premise and another is the email account which is manually created for them in the cloud. If this is not the case then the following suggestions may not apply. 

• Read the article https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-install-existing-tenant

• First off , I would suggest to install an additional domain controller within the on-premise and take a system state backup for the same.
• Use any script like this or any other way to export the user details from the Azure AD .
• The data for the azure AD users which you obtain needs to be used for adding some information to the corresponding on-premise account so that the sync engine can do a soft match. Read here more on soft match. 
• Make sure you add the email address in the mail and primary SMTP addresses in the proxyaddresses attribute within the corresponding user accounts in the local active directory. 
• Now create a new server/VM to install the Azure AD connect sync tool. 
• Configure the server using staging mode first so that if there is any error you can review and fix it before tuning it in production. 
• Once you are sure that the objects are matched properly as seen on the sync server enable nromal mode from the Azure AD connect wizard. 

Hope the information helps. 

这篇关于现有的AD服务器和azure 365的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！