we have a vm in azure with AD + a SharePoint 2013 that joined that domain.
We have also an Office 365 account with a domain. This domain is added to the Active Directory in Azure.
Now we can see all of our 30 office 365 users in Azure.
Now we need to sync this office 365 users to the VM in azure that runs the AD.
We need a single sign on solution that our office 365 users can log on with there office 365 credentials to the SharePoint 2013 Server.
Is this possible? When Yes, how?
Regards!
You can accomplish this using the Directory Integration feature of Windows Azure AD. From the Azure Portal, enable Directory Integration for your directory and then download the Directory Sync tool. This will enable you to sync between your Azure AD Tenant and your Server AD running in your Virtual Machine.
It's recommended you configure a separate Directory Sync Server to install the tool on. But, it's also possible to just run it on your Server AD Virtual Machine. I've done it both ways successfully.
When you're installing the tool, select the option for Hybrid Deployment. This will enable Azure AD to write objects back to your Server AD.
Related
I've encountered various information on the topic of Azure and SSO and am trying to find out what I'd need for my specific scenario:
I deploy SQL Server and SSRS 2016 on an Azure VM (native mode)
I also have O365 including SharePoint Online
I need users to be able to transition seamlessly between SharePoint Online and other O365 apps and the SSRS reports.
SSO with on-premise AD is a plus but not necessary. What is the bare minimum that I'd need for the scenario above?
Azure AD
Azure AD with Seamless Single Sign-On enabled (requires rolling out
Microsoft Workplace Join to client computers)
Azure AD + ADFS
we have a customer that has office 365 azure AD. we are planning to host our application for them on an azure vm. Our application needs to be domain joined so that the customer can log into the app using there onpremise AD credentials.
how can we accomplish this?
I think you're searching for Azure connect which will integrate your on-premises directories with Azure Active Directory.
https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect/
I’m currently testing the Microsoft Azure and SharePoint 2013 ability.
In our office, we have an Office 365 account, and I have created a Azure 30-days trial subscription. I have connected those two, so our Office 365 users are visible in Azure AD.
We need to install a virtual server with SharePoint installed on it, with access to a SQL server in Azure as well.
Is it possible to use the Azure AD as authentication for SharePoint users?
If possible, we would like to avoid installing an On-premises AD in Azure. We simply need the authentication for our SharePoint users, so we can keep everything in the cloud, without Site to site VPN to our in house AD.
I am aware, that the virtual machine in Azure with Sharepoint on it, will run in a Workgroup, but I have a hard time figuring out, how I can access the Azure AD to lookup users. I don’t know if this is possible.
Best regards
Christian
I have a new Office 365 Small Business subscription and am wondering how best to synchronize contacts with a custom in-house database application.
I have found material explaining how to access the underlying technology, Azure Active Directory with the a library called the Azure Active Directory Graph Client Library.
However, to my knowledge I don't have an Azure Management Portal for the Azure technologies underlying Office 365, and that's where I would normally register my application for API access according to those tutorials.
So, if I want to access the Azure Active Directory in my Office365 account with the Azure Active Directory Graph Client Library, where do I register the application, get my key - and to which host do I connect to?
Office 365 uses Azure Active Directory as identity management, so it is already there. To access Windows Azure portal for your existing Office 365 subscriptions all you need is to activate a free Windows Azure subscription on your existing account .
This blog Using your Office 365 Azure AD tenant with application access enhancements for Windows Azure AD gives a very detailed steps on how to do it.
In my company, we are using Office365 for our emails.
In addition to this, we are using Windows Azure Active Directory to secure some applications.
Now I've been asked to create some kind of link between our users in Office 365 and Windows Azure Active Directory.
The point would be to have some admin applications deployed and secured with WAAD but for which the users are the ones from Office365.
I've found lots of documentation on the web on how to sync directories but not really anything stating clearly that this is possible.
I'd like to insist on the fact that it is our own application that we'd like to secure like this.
Thanks
(Edit 2018-03-23: This answer was updated to reflect changes in the new Azure portal.)
The underlying directory for Office 365 is Azure Active Directory (Azure AD). This means that if you have an Office 365 account, you already have a directory -or "tenant"- in Azure AD.
In your case, I think what you want to do is move from securing your application with a different Azure AD tenant (under a different domain), to securing your applications with the tenant you got when you started using Office 365. The key here is to be able to get access to your Office 365 tenant from the Azure portal.
All you need to do is sign in to the Azure portal (https://portal.azure.com) with you Office 365 account (which, remember, is an Azure AD account), and head over to the "Azure Active Directory" blade. (Note: You do not need an Azure subscription in order to manage your Azure AD tenant in the Azure portal.)
Now you can go about adding and configuring apps to the Office 365 tenant so that you can use that tenant to secure your apps.
Extra: Since you've already started doing things with another Azure subscription (presumably your Microsoft Account, MSA --formerly LiveID--), you might be interested in transferring that Azure subscription to be owned by an account in your primary Azure AD tenant: https://learn.microsoft.com/en-us/azure/billing/billing-subscription-transfer
If the aim is to make the Office 365 directory available inside the Azure portal, this currently works:
In the Azure portal, under Active Directory, click the New button, then Directory, then Custom Create. In the Directory pull-down, select 'Use existing directory' and follow the instructions to sign out and sign in using your Office 365 admin user. This will make your Office 365 directory available inside your Azure portal (in addition to any other Azure directories you have access to.)
When you setup your Azure Subcription did you use the same account you used when you setup your Office 365 Subscription? If so you should be able to see an existing WAAD instance when you log into Azure that has your #*.onmicrosoft.com domain registered against it. If you don't see that you may be able to add the domain to Azure subscription assuming of you are the domain admin. See here: http://blogs.msdn.com/b/bspann/archive/2013/10/20/adding-existing-o365-directory-to-azure-msdn-subscription.aspx
For the sake of completion, I hope the OP would come back and accept the answer provided by Philippe.
I found this that was quite helpful: http://blogs.technet.com/b/ad/archive/2013/04/29/using-a-existing-windows-azure-ad-tenant-with-windows-azure.aspx