Microsoft Azure AD Synchronization Features Hit Preview Stage
- By Kurt Mackie
- April 24, 2014
Two Microsoft Azure Active Directory synchronization features were released as "previews" this week.
The two features are a new writeback capability for the self-service password reset feature of the Microsoft Azure Active Directory DirSync Tool, and a new multiforest identity synchronization feature that Microsoft is calling "Azure Active Directory Sync," or "AAD Sync."
The writeback capability is designed to support users of Microsoft Azure Active Directory Premium. Microsoft indicated in November that the password reset capability in the Microsoft Azure Active Directory Premium preview version lacked the capability to reset passwords housed on premises; it only worked at that time for cloud-based passwords. That situation is changed with this preview release.
"This [writeback] preview capability allows customers who rely on federation or password hash sync to use Azure AD Premium to reset on-premises passwords in Windows Server Active Directory," Microsoft tersely explained in its announcement on Monday.
The Premium offering is designed to address the advanced identity and access management needs of enterprises using Microsoft Azure. It became generally available on April 2, according to Microsoft's pricing page, but it's just available to organizations that have Enterprise Agreements with Microsoft.
The second preview, AAD Sync, is described by Microsoft as addressing the needs of Microsoft's largest customers. AAD Sync, according to Microsoft's announcement, allows organizations to:
- "Onboard your multi-forest Active Directory deployment to AAD
- "[Carry out ] advanced provisioning, mapping and filtering rules for objects and attributes, including support for syncing a very minimal set of user attributes (only 7!)
- "[Configure] multiple on-premises Exchange organizations to map to a single AAD tenant (as recently announced at the MEC conference)"
In addition, Microsoft has big plans for AAD Sync. It's going to replace DirSync in the near future.
"Over time (6-8 months), Azure AD Synch will replace DirSync and be included for all AAD, Office 365 and other Microsoft cloud service customers," the announcement states. "It will enable simple synchronization like DirSync does today, but also have a set of much more advanced capabilities, for instance, support for combinations of directories (AD, LDAP, SQL, and others) and the ability to remap and swizzle existing on-premises attributes."
The preview of the writeback capability of the DirSync tool can be downloaded from this link, and Microsoft is promising to release an install guide for it "next week" at this Microsoft Azure library page.
The AAD Sync preview is available for testing by signing up for it at this Microsoft Connect portal page.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.