Configuration

Advanced AAD Connect Permissions Configuration

Updated with additional requirements and scenarios, 2017-10-26.

I recently worked with a customer that needed assistance in configuring the additional permissions required for AAD Connect delegation.  After chasing down an incredible number of prerequisite information, I decided it would be more helpful to my customer to put together a tool that would help them configure the various permissions delegations.… [ Continue reading ]

Identity

Use AADConnect to add a Proxy Address

* UPDATE* After doing this originally, I decided to take a different route and write it back to the on-premises AD, so that way, the objects are synchronous.  This post now reflects the updated content.

A few weeks ago, I had an issue where I needed to remove a proxy address from the proxyAddresses array of a user being synchronized to Office 365. … [ Continue reading ]

Identity

Remove an unwanted ProxyAddress pattern from users via AADConnect

I had an interesting request from a customer the other day where they were synchronizing Active Directory into two disparate environments–Office 365 and another hosted Exchange environment.  In their new Office 365 environment, they didn’t want any address proxies matching a particular pattern to be part of a user’s proxyAddress array–BUT–they also didn’t want to remove them from their on-premises accounts since they are being used by their other hosting environment as an application routing address.… [ Continue reading ]

Identity

Switching from Federated to Cloud Auth (AD FS to Dirsync/AADSync + Password Hash Sync or Password Hash Sync Failover)

A few years ago, we released “DirSync with Password Hash Synchronization,” and it was kind of an all-or-nothing choice.  You could either have a synchronized account database with synchronized password hashes (so users would authenticate in the cloud), or a federated environment. … [ Continue reading ]