This option has been available for some time now. However, this is also true for its limitations. No support for device and group and device writeback, Exchange hybrid writeback and other limitations are still a no-go for most organizations. And a situation where you implement both (AD connect and Cloud Sync) is not very appealing, as you have to maintain both solutions and you cannot have any overlap. If these last few limitations are removed, this will really be the go-to solution!
you do make good points...but this is generally how it goes with new products.
you either have to do a full cut over from one to the other or you have a short time of overlap
I prefer the overlap method...then my existing tools continue to work while I get to know the new ones.
Very timely. This is my latest challenge. I will give this a try.
Awesome…let me know how it goes!
Great video as always. Using AAD Cloud Sync on a new environment, works well and nice to have resiliency available now. You can also enable Password Write Back too. I’m having to use AAD Connect for Device Sync though, so hoping that will come soon.
Only experience I haven’t been able to replicate is the OU Limits. Test environments I have been able to sync more than what they say the limit is? Just used a simple script to create multiple OUs and Users which all came across fine and exceeded what they said is the limit?
good to know, thanks for sharing!
thank you for your great video! 👍
Thanks for watching!
Hi Dean, Yet another great contribution from you. Do you have any videos on Intune and Auto-pilot (hybrid join) deployments that you can direct me to? If not would you be making any videos in the near future to cover this topic?
Thanks! I have been looking into auto pilot and thinking through HOW I can do that as a video.
I do have videos on Intune already but mostly from the perspective of managing Azure Virtual Desktop or Windows 365
Here is a link 👉 ruclips.net/p/PL-V4YVm6AmwXgVdx2Z_vn4VGlSnIEdGQ1
Most customers I work with are doing Hybrid AD join so I guess it's AD connect for now
Got it, but I’d still look into Cloud Sync with AADConnect.
Which hybrid features are they using?
Damn.. this Feature hits me harder than the "Getting Started" Feature in AVD :D
Really??? What do you mean "HITS ME HARDER" Does Cloud Sync seem complicated?
If so why...let me know so we can make it better!
@AzureAcademy no, it's Beautiful :)
awesome! 👍
You look absolutely baked af in the thumbnail
LOL yeah…how would you fix it?
I think it's perfect as is haha
🤦♂️🤷🏼♂️🤪
Sorry if this is already updated, but at least sync groups is working now :)
Awesome, thanks for sharing!
Hi, great video! But The password hash synchronization process runs every 2 minutes is also within Azure AD Connect.
Is it…? Definitely not in my experience with it.
Can you share a doc or something else with me about AADConnect syncing PWD# that often by default?
Under Implement password hash synchronization with Azure AD Connect sync, you will find "The actual data flow of the password hash synchronization process is similar to the synchronization of user data. However, passwords are synchronized more frequently than the standard directory synchronization window for other attributes. The password hash synchronization process runs every 2 minutes. You cannot modify the frequency of this process." (Not sure why comments with links do not show up.)
This is my experience as well usually within 120 seconds the password has been updated via ad connect..
Thanks for letting me know...I will check it out!
good to know someone else in the "real world" is seeing this as well...not sure why my environment takes SO LONG to sync passwords...something else for me to look into
🤔😉
Would love if it would have helped in M365 Tenant to Tenant cloud only migrations or mergers.
It can…unless you have ONLY cloud users.
As in they were created cloud native
Then what I would do is export the users through code
And create users in the new domain from the exported user data.
Then I would migrate the data with this solution
👉 ruclips.net/video/sZ3s3GTlZi4/видео.html
This is great news; however, I already build separate cloud accounts for our other domain. If I install Cloud Sync on the other domain and start synchronizing, is there a way to marry the AD account and the cloud account together?
If you mean a cloud native account and a synced account...YES there is, but you need Azure AD Connect Transformation rules to do it today...Cloud Sync doesn't have that...YET.
Great video 👍
Thanks Glad you enjoyed it👍
Is there a video that tells how to join AAD joined vm's to AVD ?
YES THERE IS! 👉 ruclips.net/video/n_7nZFxhobc/видео.html
OMG!! this is beautiful...
Yes…yes it is ☺️
Azure AD Connect will replicate password changes to AAD every two minutes, just like Cloud Sync (all other changes is 30 minutes).
Someone else said this as well, and I know the docs say this…but my AADConnect never did it that fast. But I was on an old version before I did the 2.0 upgrade…either way, thanks for sharing
@AzureAcademy even v1 synced password change within 2 minutes
🤔
I don't really see any need for this. AD Connect does the job and the setup is basically the same, AD connect even has more features. Sync can also be initiated manually with AD Connect anyway, so I think we will stick to AD connect so far.
That’s definitely your choice, but AD Connect is very heavy for a solution of syncing your users
Unless you need complex rules
Also
Adding cross domain or multi forest scenarios to sync to a single Azure AD tenant is ridiculously easy with Cloud Sync, and very difficult with AAD Connect
Does this do password writeback as well or does it only do password hashes? A lot of clients have Azure AD P1 and use the writeback feature of Azure AD and would love to switch if Azure Cloud Sync can do these features
YES 👉 docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-cloud-sync-sspr-writeback
My latest video is out...Cloud Sync with Password Writeback and Self-Service Password Reset
👉 ruclips.net/video/n3XMMpYG3KE/видео.html
What about the existing old agent?
If you need any of the features that are not supported in Cloud Sync then keep using AAD Connect along with Cloud Sync
The Azure AD Connect v1 should be upgraded to v2 like I talked about here 👉 ruclips.net/video/AF1mHC6KmSo/видео.html
Good old divestiture. No wait it's a divestiture in reverse.
🤔 😁🤦♂️😁
☕️
Back At ya! 🍵🧋🥤🍦🍨
That's great
😁😎
First one again !!
Man…how do you keep being #1…what’s your secret? 🏆👑🥇