Note: Azure AD Connect setup creates a total of three service accounts. Click the start menu on the Windows Server. That’s the Azure AD connector account created by Azure AD Connect setup, which will sync AD objects between on-premises AD and Azure AD. Sign in to the Microsoft 365 admin center; you can see that a new user is displayed. Click Install. Azure AD Connect configuration completed. Select Start the synchronization process when configuration completes.
After that, enable Self-Service Password Reset in Azure AD. In our example, we will only sync the Company OU and sub-OUs. Select Continue without matching all UPN suffixes to verified domains.
Read more on how to create an AD DS Connector account. Note: You can select the option Use existing AD account and type the AD account credentials you created. Click OK. Azure AD Connect will create an AD DS Connector account (MSOL_xxxxxxxxxx) in AD with all the necessary permissions. Fill in the administrator account with Enterprise Admin rights. Click Next. Enter the Azure AD global administrator credentials. Read more: Find Azure AD Connect accounts » It will give you all the options which you can decide for yourself. Agree to the license terms and click Continue. Click on Customize for a custom install.
Note: Do not install additional software or roles on Domain Controllers. After downloading Azure AD Connect, run the setup. In this example, we will use the domain controller for demonstration purposes. It’s best to install Azure AD Connect on a separate domain-joined Windows Server. Installing Azure AD Connect on the domain controller is supported, but Microsoft doesn’t recommend that.
There is only one active user account, which is the Microsoft 365 tenant administrator.
Azure AD Connect is a tool for connecting on-premises identity infrastructure to Microsoft Azure AD.