Getting started with Azure Active Directory Sync Part 1
I’ve recently been involved in setting up an Azure Active Directory service and syncing it with an on-premises AD. The process is made to seem straightforward in Microsoft’s documentation but the management tools you need to download and install before you can successfully manage it are not well documented and in some cases, buggy too!
In order to administer your Microsoft Azure Active Directory, you’ll need to obtain these downloads.
- PowerShell 4.0
You may as well have the latest and greatest in PowerShell so grab a copy of this from: http://go.microsoft.com/fwlink/p/?LinkId=320376 Yes, it says Management Framework but it’s PowerShell 4.0
Microsoft Online Services Sign-In Assistant for IT Professionals (or BETA)
You may alternatively need to installed the BETA version of the Online Service Sign-In Assistant if you get an error when you attempt to install the Azure Active Directory PowerShell Module telling you that you need version 7.0. You can find this here: http://www.microsoft.com/en-us/download/details.aspx?id=39267
Microsoft Web Platform Installer (Install Windows Azure PowerShell (not SDK)
To not install the SDK version, click the “back” arrow at the top right and then click the Remove button. Then click Install on the Standalone version.
Download (latest/a working!) version of the Azure Active Directory PowerShell Module from
I was battling against an issue in the 8362.1 release of the PowerShell Module which caused an error when attempting to use any account to connect to my Azure Active Directory, so be aware that, at least at version 8362.1, the Microsoft Azure Active Directory PowerShell Module didn’t allow me to log in using the Connect-MsolService command, just to authenticate!
$me = Get-Credential Connect-MsolService -Credential $me
Issuing the above commands, even with a global administrator account specified in the credentials, resulted in the following error:
Connect-MsolService : The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error.
The solution was to download the 8262.2 version of the Microsoft Azure Active Directory PowerShell Module from the above link.
For people new to this, I’m told that DirSync will soon be heading the way of the dodo and will be replaced by Microsoft Azure Active Directory Sync Services which you can get from:
Install these four on a standalone domain joined server and you’re all set.
Let me know if there’s appetite for a Part 2 (doing it) and I’ll document setting up the sync with the toolset I’ve described above.
EDIT: Having had a request, practically within the hour, to do a Part 2, I’ll label this post as Part 1 and work on Part 2 as soon as I’m able.