Identity is the new control plane of IT security, so authentication is an organization’s access guard.
The Azure AD Connect is an on-premises Microsoft application that is designed to meet and accomplish organization hybrid identity goals. It is a solution that bridges an organization’s on-premises Active Directory with its cloud-based Azure Active Directory (Azure AD). IT can synchronize identities from on-premises into Azure and ensures a consistent identity across both platforms.
Integrating on-premises directories with Azure AD makes the organization users more productive by providing a common identity for accessing both cloud and on-premises resources. With Azure AD Connect, users can use a single identity to access on-premises applications and cloud services such as Microsoft 365. Additionally, organizations can provide an easy deployment experience for synchronization and sign-in using a single tool. The Azure AD Connect replaces older versions of identity integration tools such as DirSync and Azure AD Sync and is included in your Azure AD subscription.
This connection enables services like password hash synchronization, pass-through authentication, and Seamless Single Sign-On (SSO). The Azure AD Connect provides the following capabilities:
- Synchronization – Responsible for creating users, groups, and other objects. Then, make sure identity information for your on-premises users and groups is matching the cloud. This synchronization also includes password hashes.
- Password hash synchronization – A sign-in method that synchronizes a hash of a user’s on-premises AD password with Azure AD.
- Pass-through authentication – A sign-in method that allows users to use the same password on-premises and in the cloud, but doesn’t require the extra infrastructure of a federated environment.
- Federation integration – Federation is an optional part of Azure AD Connect and can be used to configure a hybrid environment using an on-premises AD FS infrastructure. It also provides AD FS management capabilities such as certificate renewal and more AD FS server deployments.
- Health monitoring – Azure AD Connect-Health provides robust monitoring.