How to Set Up AD Sync for Office 365: Complete Guide

Jyoti Sharma | how to technology | 7 minutes read | Modified on: 16-09-2022

As an organization, you need to keep your data organized and stored securely. When it comes to office productivity, Microsoft 365 is the best standard. But did you know that you can configure AD Sync for Office 365 to keep all user data in sync between your on-premises Active Directory and Azure Active Directory? In this blog we explain how to set up AD Sync for Office 365 with Azure Active Directory Connect.

How to Set Up AD Sync for Office 365 in Detail

Configuring AD Sync for Office 365 is a complex process, but this guide explains how to manually sync Office 365 with Active Directory.

1. Azure AD Connect

Azure AD Connect is a program that connects on-premises Active Directory to Azure Active Directory. It synchronizes on-premises users and computers with Azure Active Directory. You can use Azure Active Directory Connect to attach to multiple on-premises forests. It can also connect to multiple Microsoft Office 365 tenants. The requirements for configuring Azure Active Directory Connect are given below –

  • An Azure subscription. You can also create a free account for this.
  • An on-premises domain controller running Windows Server 2008 or later.
  • The forest functional level should be at least Windows Server 2008.
  • If users need to sync passwords, the domain controller should be running Windows Server 2012 or later.
  • The account used to install Azure Active Directory Connect should be a member of the Enterprise Admins group and the Schema Admins group.

2. Preparing the Environment

There are a few tasks that you have to complete in the on-premises environment and in Azure AD before installation –

In the On-premises Environment

  • Create a user account that will be used to run Azure Active Directory Connect.
  • Check that the account used to run Azure AD Connect has permission to make directory changes.
  • To sync passwords, confirm that the account that will be used to run Azure Active Directory Connect has the reset password permission.
  • If you plan to use group filtering, create a global security group in your on-premises AD and add the users that must be synchronized to the group.
  • If you need to filter on objects other than groups (contacts, computers), create an organizational unit (OU) for every object that you need to filter and then move each object into the appropriate OU.

In Azure Active Directory –

  • Check that Azure Active Directory Connect can communicate with your Azure AD instance.
  • If you plan to sync passwords, check that your synchronization user account has the mS-DS-ConsistencyGuid attribute populated.

3. Making the Domain Routable

If you need to use an internet name for your on-premises domain (for example, contoso.com), you have to ensure that the name is routable on your network. To do this, add a DNS entry for the internet name on the DNS server and then configure the firewall to allow traffic for that DNS entry.

4. Adding a New UPN Suffix

To sync users from on-premises AD to Azure AD, you should add the UPN suffix of the on-premises domain to Azure AD. To do this, you need to use the Azure portal.

  • In the Azure portal, click Azure Active Directory and then click Properties.
  • Add the UPN suffix for the on-premises domain in the UPN Suffixes box (for example, contoso.com).
  • Click Save.

5. Modify the UPNs for Existing Users

If you already have user accounts in the on-premises AD, you need to modify their UPNs to reflect the new UPN suffix you added in Step 4. To do this, you can use the Set-User cmdlet in PowerShell.
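
The following is an added example, not part of the original article: one way to change the suffix in bulk with a dry run and a collision check. It assumes the RSAT ActiveDirectory module (Get-ADUser / Set-ADUser) rather than the Set-User cmdlet, and the old suffix contoso.local and the report file name are hypothetical placeholders.

```powershell
# Added example. Assumptions: RSAT ActiveDirectory module is installed and the
# current non-routable suffix is contoso.local (hypothetical placeholder).
Import-Module ActiveDirectory

$OldSuffix = '@contoso.local'   # assumption: suffix users have today
$NewSuffix = '@contoso.com'     # routable suffix added in step 4
$Apply     = $false             # $false = dry run (-WhatIf); $true = write changes

# Index every UPN already in use so a rename cannot create a duplicate.
$inUse = @{}
Get-ADUser -Filter 'UserPrincipalName -like "*"' |
    ForEach-Object { $inUse[$_.UserPrincipalName.ToLower()] = $_.SamAccountName }

$pattern = [regex]::Escape($OldSuffix) + '$'
$targets = Get-ADUser -Filter "UserPrincipalName -like '*$OldSuffix'"

$report = foreach ($user in $targets) {
    $newUpn = $user.UserPrincipalName -replace $pattern, $NewSuffix
    $status = 'Planned'

    if ($inUse.ContainsKey($newUpn.ToLower())) {
        # Another account already owns the target UPN: skip, do not overwrite.
        $status = "Conflict with $($inUse[$newUpn.ToLower()])"
    }
    else {
        try {
            Set-ADUser -Identity $user -UserPrincipalName $newUpn -WhatIf:(-not $Apply) -ErrorAction Stop
            $inUse[$newUpn.ToLower()] = $user.SamAccountName
            if ($Apply) { $status = 'Changed' }
        }
        catch { $status = "Failed: $($_.Exception.Message)" }
    }

    [pscustomobject]@{
        SamAccountName = $user.SamAccountName
        OldUpn         = $user.UserPrincipalName
        NewUpn         = $newUpn
        Status         = $status
    }
}

# Keep the old/new mapping: it is the rollback record and the audit trail.
$report | Export-Csv -Path .\upn-change-report.csv -NoTypeInformation
$report | Format-Table -AutoSize
```

Review the dry-run report for conflicts before setting $Apply to $true.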

6. Edit the Mail Proxy Attributes

If you need to sync users from on-premises AD to Azure AD so that they can be used with Microsoft Office 365, you must edit the mail proxy attributes for the users. To do this, you can use the Set-User cmdlet in PowerShell.

For example, to change the mail proxy address for the user with the UPN (User Principal Name) smith@contoso.com to smtp:smith@contoso.onmicrosoft.com, use the following PowerShell command –

Set-User -Identity smith@contoso.com -EmailAddresses SMTP:smith@contoso.onmicrosoft.com

7. Verify User Names in the O365 Admin Center

After synchronizing users from your on-premises Active Directory to Azure AD, you can verify whether the synchronization succeeded by looking at the user names in the O365 admin center.

  • Click Users in the Office 365 admin center.
  • Then click Active users.
  • You should see a list of all the users who have been synchronized from on-premises AD.

If you do not find any users, check that Azure Active Directory Connect is configured to sync on-premises AD with Azure AD.

8. Install and Configure Azure Active Directory Connect

Now that you have prepared the environment and made sure that the users are synchronized, you can configure Azure Active Directory Connect.

  • Install Azure Active Directory Connect on the server while logged in as a local administrator. This must be the server that you want to use as the sync server.
  • Navigate to AzureADConnect.msi and double-click it.
  • After selecting the box agreeing to the license terms, click Continue.
  • On the Express settings screen, click Use express settings.
  • Connect to Azure Active Directory by entering the username and password of a global administrator. Click Next.
  • If you receive an error and have any connectivity issue, troubleshoot the connectivity errors.
  • On the Connect to Active Directory DS screen, provide the username and password of an enterprise administrator. The domain part can be entered in NetBIOS or FQDN format. Then proceed to the next step.
  • If you have completed the prerequisites and verified your domains, the Azure Active Directory sign-in configuration page will not display.
  • If this page appears, review every domain that is marked as Not Added or Not Verified. Once your domains are verified in Azure Active Directory, click the Refresh symbol.
  • On the Ready to configure window, click Install.

On the Ready to configure page you can also clear the "Start the synchronization process when configuration completes" checkbox. To configure further settings, such as filtering, you must clear the checkbox. In this case, the wizard configures synchronization but leaves the scheduler disabled. You must run the installation wizard again to enable it.

When the checkbox is selected, all users, groups and contacts are synchronized to Azure Active Directory immediately after the configuration process has completed.

If Exchange is installed in your on-premises AD, you can enable Exchange Hybrid deployment. This feature allows Exchange mailboxes to exist both on-premises and in the cloud.

  • Click Exit after the installation has completed.
  • If you need to use the Synchronization Rules Editor or Synchronization Service Manager after completing the installation, sign out and sign in again.

9. Exporting the Azure Active Directory Connect Configuration

After installing and configuring Azure Active Directory Connect, you can export the configuration so that it can be deployed to other servers. You can export the Azure Active Directory Connect configuration with the Azure Active Directory Connect Export/Import Settings tool.

To export the Azure Active Directory Connect configuration with the Azure Active Directory Connect Export/Import Settings wizard, follow the given steps –

  • Run the Azure Active Directory Connect Export/Import tool.
  • Click Next on the Welcome screen.
  • Go to the Customize tab and select Import synchronization settings.

Finally, click Install and you are able to proceed with the exported configuration.

10. Microsoft 365 Active Directory Sync with PowerShell Commands

Use PowerShell commands to force synchronization between on-premises AD and Azure AD. To do this, follow the given steps –

  • Open the Azure Active Directory Module for Windows PowerShell.
  • Run the given cmdlet – Start-ADSyncSyncCycle -PolicyType Delta
  • Check that the synchronization process has completed successfully with Get-ADSyncScheduler
  • The output displays the status of Enabled and a Last Sync output of “Success”.
  • If you need to synchronize on-premises AD with Azure AD immediately, you can run the given cmdlet – Start-ADSyncSyncCycle -PolicyType Initial

It starts the synchronization process immediately. It may also take some time to finish.
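
The following is an added example, not part of the original article: the delta sync from the steps above wrapped in checks for a disabled scheduler, staging mode, and a cycle that is already running. It assumes the ADSync module on the Azure AD Connect server; the helper name Wait-SyncIdle, the 10-minute timeout and the 15-second poll interval are choices made for this example.

```powershell
# Added example. Run on the Azure AD Connect server in an elevated session;
# the timeout and poll interval below are arbitrary choices.
Import-Module ADSync

# Hypothetical helper: block until no sync cycle is running, or time out.
function Wait-SyncIdle {
    param([int]$TimeoutMinutes = 10)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    while ((Get-ADSyncScheduler).SyncCycleInProgress) {
        if ((Get-Date) -gt $deadline) {
            throw "Sync cycle still running after $TimeoutMinutes minutes."
        }
        Start-Sleep -Seconds 15
    }
}

$scheduler = Get-ADSyncScheduler
if (-not $scheduler.SyncCycleEnabled) {
    Write-Warning 'Scheduler is disabled: cycles only run when started manually.'
}
if ($scheduler.StagingModeEnabled) {
    Write-Warning 'Server is in staging mode: changes are imported but not exported to Azure AD.'
}

# Starting a cycle while another one is running returns an error, so wait first.
Wait-SyncIdle
$result = Start-ADSyncSyncCycle -PolicyType Delta
$result | Format-List

Start-Sleep -Seconds 5   # give the scheduler time to flag the new cycle
Wait-SyncIdle

# Scheduler state after the cycle, for the change record.
Get-ADSyncScheduler |
    Format-List SyncCycleEnabled, StagingModeEnabled, SyncCycleInProgress,
                NextSyncCyclePolicyType, NextSyncCycleStartTimeInUTC
```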

After the MS Office 365 Active Directory Sync has completed successfully, consider keeping your Office 365 data safe with a proper backup. Keeping a backup of Microsoft 365 data is the most secure way to strengthen your safety measures. You can do this with Office 365 Email Backup Software.

This wizard is one of the most relevant solutions for backing up email data from Office 365 to other formats, other options and the cloud. You can directly save your Office 365 data to PST, EML, MBOX, Gmail, Exchange Server, IMAP and other options. It supports a wide range of functions that provide a safe, assured outcome. It also makes the process simple and generates backups on a schedule that fulfils your needs.

Conclusion

Office 365 Active Directory Sync is a smart tool that can save your company time and money. It is crucial to take the time to perform it correctly so that you can gain the benefits. With the given steps, you can sync an Office 365 account with AD in no time. First, keep a duplicate copy of the tool on your system as a secure backup plan in case of server failure or emergency. Try its demo edition now. You now know how to set up AD Sync for Office 365.