Getting started with Azure Active Directory Sync Part 1
Part 1: Getting started with Azure Active Directory Sync – Tools
Part 2: Getting started with Azure Active Directory Sync – Actually doing it
Part 3: Getting started with Azure Active Directory Sync – Mopping up
I’ve recently been involved in setting up an Azure Active Directory service and syncing it with an on-premises AD. The process is made to seem straightforward in Microsoft’s documentation but the management tools you need to download and install before you can successfully manage it are not well documented and in some cases, buggy too!
In order to administer your Microsoft Azure Active Directory, you’ll need to obtain these downloads.
- PowerShell 4.0
You may as well have the latest and greatest in PowerShell so grab a copy of this from: http://go.microsoft.com/fwlink/p/?LinkId=320376 Yes, it says Management Framework but it’s PowerShell 4.0 -
Microsoft Online Services Sign-In Assistant for IT Professionals (or BETA)
http://www.microsoft.com/en-gb/download/details.aspx?id=28177
You may alternatively need to installed the BETA version of the Online Service Sign-In Assistant if you get an error when you attempt to install the Azure Active Directory PowerShell Module telling you that you need version 7.0. You can find this here: http://www.microsoft.com/en-us/download/details.aspx?id=39267 -
Microsoft Web Platform Installer (Install Windows Azure PowerShell (not SDK)
http://go.microsoft.com/fwlink/p/?LinkId=320376
To not install the SDK version, click the “back” arrow at the top right and then click the Remove button. Then click Install on the Standalone version. -
Download (latest/a working!) version of the Azure Active Directory PowerShell Module from
http://social.technet.microsoft.com/wiki/contents/articles/28552.microsoft-azure-active-directory-powershell-module-version-release-history.aspx
I was battling against an issue in the 8362.1 release of the PowerShell Module which caused an error when attempting to use any account to connect to my Azure Active Directory, so be aware that, at least at version 8362.1, the Microsoft Azure Active Directory PowerShell Module didn’t allow me to log in using the Connect-MsolService command, just to authenticate!
$me = Get-Credential Connect-MsolService -Credential $me
Issuing the above commands, even with a global administrator account specified in the credentials, resulted in the following error:
Connect-MsolService : The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
The solution was to download the 8262.2 version of the Microsoft Azure Active Directory PowerShell Module from the above link.
For people new to this, I’m told that DirSync will soon be heading the way of the dodo and will be replaced by Microsoft Azure Active Directory Sync Services which you can get from:
http://www.microsoft.com/en-gb/download/details.aspx?id=44225
Install these four on a standalone domain joined server and you’re all set.
Let me know if there’s appetite for a Part 2 (doing it) and I’ll document setting up the sync with the toolset I’ve described above.
EDIT: Having had a request, practically within the hour, to do a Part 2, I’ll label this post as Part 1 and work on Part 2 as soon as I’m able.
-Lewis
Yes please, do continue – I’ve just spent three and a half hours bang my head against the desk. Downgrading to the earlier version of PS certainly helped.
Hi Michael, I expected it to be a little longer than 2 hours before someone asked but I’m glad I’m helping already!
I’ll need to decommission my existing Azure AD, sync settings and rebuild a test DC first so please bear with me.
-Lewis
man I cant believe I’ve been working on this for 3 hours and you just posted what I hope to be my exact fix. Thank you and google search 🙂
After a mammoth 5 hour documenting session, part 2 is now online. It’ll be rough around the edges but is complete.
This worked like a magical wand. The issue was because of the update patch which MS had released. When we downgraded the Azure PS version, it worked like a charm. Thanks a lot Lewis.