AAD Connect Installation | Hybrid Identity Model

Поделиться
HTML-код
  • Опубликовано: 24 ноя 2024

Комментарии • 77

  • @milanvucetic1292
    @milanvucetic1292 3 года назад +2

    It will be good to update 5:09 in the video. The new requirement is Domain Joined Windows Server 2012 R2 or later

    • @ConceptsWork
      @ConceptsWork  3 года назад +3

      Thanks Milan, I have pinned your comment to the top so it can help everyone.

  • @jjackson5558
    @jjackson5558 4 года назад +11

    This is by far one of the best, clear and concise tutorials on AADConnect, I have subscribed and will be watching the remaining videos. I learned more in 30min than I have reading numerous post/blogs.

    • @ConceptsWork
      @ConceptsWork  4 года назад +2

      Glad it was helpful!

    • @BhupiUncut
      @BhupiUncut 4 года назад

      @@ConceptsWork Indeed it is very helpful. Thanks

  • @TestTest-un7mn
    @TestTest-un7mn 3 года назад +1

    The best of the best videos for Azure AD on the internet! NO ONE OF!!!

  • @ammarkheder3071
    @ammarkheder3071 4 года назад

    I usually don't hit "Like" on RUclips videos,, and I defiantly don't Like video before watching them, except your videos , I started to hit like Before I even watch them. Amazing Job

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      Thanks for giving your time to our content, much appreciated.

  • @fiddley
    @fiddley 4 года назад +1

    These videos are very well done. There are lots of videos on RUclips showing the same thing but your presentation is particularly clear and easy to understand, thank you!

  • @TellaTrix
    @TellaTrix 5 лет назад +3

    I would highly encourage you, Please do post theory with practical would get more sence. .... Superb

  • @sergiosalazar1450
    @sergiosalazar1450 2 года назад

    Hi master of IT, i just to say thanks a lot for share their amaizing skills, greetings from Monterrey México.

  • @mrbusdriversir
    @mrbusdriversir 4 года назад +3

    These videos are exactly what I was looking for. Thanks for putting them together.

  • @pkaycr
    @pkaycr 5 лет назад +3

    Thank you so much! I'm your #1 FAN - Well Explained. To be honest, no question at the moment.

  • @gshravankumar536
    @gshravankumar536 5 лет назад +2

    Great videos... Clear cut.. Pls do keep posting more on different azure technology and practices

  • @chrisreisinger5002
    @chrisreisinger5002 4 года назад +1

    I wanted to say thank you. Setting this up and I am all new to it. Your videos are the best. Thank you for your time. CR

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      Great to hear!

    • @sriksrik8184
      @sriksrik8184 3 года назад

      @@ConceptsWork ..Hello sir,, you are explaining in so layman language that we feel it so easy to understand, 5 stars for your great work... you are just brilliant...

  • @77mrharidas
    @77mrharidas 4 года назад +1

    one of the good video on AD connect concept

  • @nithyanadhamsingaravadivel8547
    @nithyanadhamsingaravadivel8547 3 года назад +1

    This video is really informative. Thank you for sharing.

  • @sivakumarm3569
    @sivakumarm3569 5 лет назад +2

    I have seen many tutorials but to be honest this channel got by far the best tutorials in Azure AD, ADConnect, ADFS :) Do you have any premium course that i can subscribe? If not please add that in to your road map :)

    • @ConceptsWork
      @ConceptsWork  5 лет назад +2

      Thanks Siva,
      We don't have any premium course plans, but we will post everything most of public content here.
      If you come across any issues, please feel free to reach us @ learnconceptswork@gmail.com

  • @wanjaledeepak
    @wanjaledeepak 4 года назад +2

    Very Nice video....

  • @BijouBakson
    @BijouBakson 3 года назад +1

    Man is struggling with the language! that tongue is not happy, hmmmm hm, not at all! it must be a real achievement to be able to go through and teach in a language you do not quite master. Great content though, saving me a lot of bother. It's just hard not to focus on that accent. Thank you for the presentation, best content on the subject so far for me

  • @supratimsarkar6319
    @supratimsarkar6319 5 лет назад +2

    Could you please include topic on Sync rules to send the objects to the cloud based on the attribute value.

    • @ConceptsWork
      @ConceptsWork  5 лет назад

      We will create video for sync rules as well.

    • @supratimsarkar6319
      @supratimsarkar6319 5 лет назад

      @@ConceptsWork Thanks a lot. Waiting for your next series of videos.

  • @SumanBhowmik-d5e
    @SumanBhowmik-d5e 4 месяца назад

    Awesome explanation

  • @abhimanyusinghshekhawat6871
    @abhimanyusinghshekhawat6871 4 года назад +2

    Thanks for such a point to point videos.. I have one query If we enable SSO for 3 Domain in a forest, will the portal asking me for all the three Domains' DA credential and create the AZUREADSSOACC in all the three domains?

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      This account is created in each forest. If you have multiple domains and one forest, there will be one account.

    • @abhimanyusinghshekhawat6871
      @abhimanyusinghshekhawat6871 4 года назад

      @@ConceptsWork thank you..

  • @nikhilkalra1530
    @nikhilkalra1530 5 лет назад +2

    Suggestion- Although, I know you must be aware, but please update on 'Methods' slide federation can be used along with password hash sync as a backup. Obviously, only when client's legal and compliance allows.

    • @ConceptsWork
      @ConceptsWork  5 лет назад

      Exactly, thanks for bringing this up, yes we can have password hash as a backup for ADFS. Also, you can sync password for Identity protection credential theft checksum , will be covering this in lot more details in my up coming video.

    • @nikhilkalra1530
      @nikhilkalra1530 5 лет назад

      @@ConceptsWork That would be intresting, looking forward.

  • @kannanganapathi7629
    @kannanganapathi7629 4 года назад +2

    Thanks for your Wonderful session. I have to migrate ADFS 2012 R2 to 2016 and also migrate AAD connect as well. Can you please provide any refference link or Videos for migration. It will help me lot...

    • @ConceptsWork
      @ConceptsWork  4 года назад

      Migration ADFS - docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/upgrading-to-ad-fs-in-windows-server

  • @ammarchoukier9240
    @ammarchoukier9240 2 года назад

    Thanx for the great video , I have a question please , how to add a new OU TO THE SYNC CYCLE after the initial ad connect setup and configuration , like after few days from the initial setup we required to add another OU TO BE SYNCHED TO AZURE AD

    • @ConceptsWork
      @ConceptsWork  2 года назад

      In connector properties, there is an option to select OU's.

  • @CharlesLouis_inspire_me
    @CharlesLouis_inspire_me 3 года назад +1

    Thanks for the tutorial. Very useful indeed.

  • @sharatthkumar8259
    @sharatthkumar8259 5 лет назад +2

    Awesome sir

  • @jadhav44
    @jadhav44 5 лет назад +2

    Any Significance of using builtin accounts for different sources like Onprem Connector, Cloud Connector and an account used for syncing the identities?Can I use my custom accounts instead using these msol, sync, AAD accounts and if Yes, what difference it is going to make to my environment? Can I use Mobile Number as preferred UPN to sign-in to my Online services getting authenticated via Azure AD?

    • @ConceptsWork
      @ConceptsWork  5 лет назад

      You can use builtin Objects as well, but make sure all of them have the required privelages.
      Click here to check permissions - docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-accounts-permissions
      You cannot use Mobile phone, check this video to know how HRD happens with upn and email - ruclips.net/video/IhmNXSNL2zg/видео.html

  • @BhupiUncut
    @BhupiUncut 4 года назад +1

    Very informative

  • @inetregsameer
    @inetregsameer 4 года назад +1

    Very informative.

  • @jasvindersingh4338
    @jasvindersingh4338 4 года назад +1

    Hello, Great work. Have a question, typically when Internal AD Domain Names or UPN are not same as what organization may have externally (like internal UPN may be username.den.local) and externally might be username.lion.com (as registered domain): In that case, one will only be able to register and verify lion.com and thus, at 22:38 mins of your video, shall one select EMAIL and not UPN?
    Secondly: In event when AADConnect is configured to full sycn (default config of AD Connect) Also in that case, when users login to o365 or outlook online, they have to use their email id (which of course is public id) or can they also use den/username for login? Thanks in anticipation. Regards.

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      You can choose email or UPN, but what you must ensure, whichever attribute you choose, the suffix should be a verified domain.
      So, if we have users on-prem like “user@conceptswork.local”, but the email is “user@conceptswork.com”;
      In this case while installing AAD Connect, I will select email to be synced as UPN.
      You cannot user any other value apart from UPN to sign in to any service which uses azure AD.
      How it works?
      When the user gets redirected to login.microsoftonline.com and types username which has to be (user@domain.com), in this case domain.com is used to check what type of user is trying to sign is it federated or managed.

    • @jasvindersingh4338
      @jasvindersingh4338 4 года назад

      @@ConceptsWork Thanks, that clarifies. Keep up the good work...

  • @truereligionhinduism
    @truereligionhinduism 4 года назад

    Awesome Video, may i know why you didn't checked the password writeback option, as it would be handy to have write privelege both ways, or does it require any further configuration if we check that box?

    • @ConceptsWork
      @ConceptsWork  4 года назад

      For password write there are 3 videos, that cover the permissions part.

    • @truereligionhinduism
      @truereligionhinduism 4 года назад

      @@ConceptsWork Thanks Mate, would you be kind enough to share the url for those 3 videos please

    • @ConceptsWork
      @ConceptsWork  4 года назад

      ruclips.net/video/E24eO3tvKYE/видео.html

  • @ishwarsingh7597
    @ishwarsingh7597 5 лет назад +2

    U r amazing

  • @wanjaledeepak
    @wanjaledeepak 4 года назад

    Question is not related to AAD but I have a different question
    1. Why Microsoft Azure having 3 Fault Domain (why not more than 3 or less than 2)
    3. Also Why there is 3 availability zone, why not more/less

    • @ConceptsWork
      @ConceptsWork  4 года назад

      This is by design configuration, as the schema object doesn't list these values, please click here to check the schema object.
      gallery.azure.com/artifact/20161101/Microsoft.AvailabilitySet-ARM.1.0.1/UIDefinition.json

  • @prajithkarumathil
    @prajithkarumathil 4 года назад +1

    thanks for the video.
    'Adding and verifying Domain' not clear about this part. What exactly needed? can u pls help on this?

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      Please find the link mentioned below.
      support.office.com/en-us/article/connect-your-domain-to-office-365-cd74b4fa-6d34-4669-9937-ed178ac84515

    • @prajithkarumathil
      @prajithkarumathil 4 года назад

      @@ConceptsWork : Thanks. Your previous video had cleared my doubt.

  • @tektok7240
    @tektok7240 2 года назад

    AAD_* service account is not getting created. can you please suggest some troubleshooting methods.
    Thankyou!

  • @dhaneswarpokhariyal115
    @dhaneswarpokhariyal115 5 лет назад +2

    Sir, Any option that we can use few users for PHS & others for PTA?

    • @ConceptsWork
      @ConceptsWork  5 лет назад +1

      No that's not possible, this is a directory wide change.

  • @jaybala
    @jaybala 3 года назад

    awesome stuff. thank you.

  • @venkateshg6920
    @venkateshg6920 4 года назад +1

    Hello All,
    I have one issue regarding synchronization, The Issue is I was configured a hybrid azure ad joined devices but unfortunately I had deleted the devices in the on-premises active directory directly 2 months back, after that I had run the sync cycle with the help of Azure AD connect server but the HAADJ devices are available in azure portal still.
    How we can delete the devices which are available in the Azure portal.

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      You can delete those devices directly from portal.

    • @venkateshg6920
      @venkateshg6920 4 года назад

      @@ConceptsWork yeah we can delete those devices directly from the portal.
      So, my question is why those devices are showing in the AD connect server for 2 months after deletion from on-premises AD. i can see the device and devices id's as well.

  • @ricardocavaleiro8865
    @ricardocavaleiro8865 4 года назад +1

    thank you!!!

  • @sharatthkumar8259
    @sharatthkumar8259 5 лет назад +2

    Sir, can a vm be hybrid azure ad joined?

    • @ConceptsWork
      @ConceptsWork  5 лет назад +1

      Yes, if your domain is managed, make sure it is in sync scope and if your domain is federated make sure the authentication works properly. Soon, I will be posting video for entire device management of Azure AD.

  • @mayankkapoor6153
    @mayankkapoor6153 3 года назад

    How can we check what are the passwords of all the service accounts created automatically? Also how and in what scenarios we can change passwords of these service accounts?

    • @ConceptsWork
      @ConceptsWork  3 года назад

      Checking password doesn’t make sense as these are service accounts, but you can change the password. If you change the password then you have to update it manually in the respective containers.

  • @nikamanup21
    @nikamanup21 4 года назад

    Hi , It is a great video, I have one query on this the created account it is seen using a password which we have not set so how we can check this password and if we can change the password there is any issue has happened

    • @ConceptsWork
      @ConceptsWork  4 года назад +1

      You should manually not change the password of the service account, but the password on connector accounts can be updated.
      it is recommended not to make any changes, but lets say you make change to MSOL account password, then just get it updated on the connector.