OFFICE 365
16
WWW.ILTANET.ORG | ILTA WHITE PAPER
Microso Office 365 offers a treasure trove of features to bolster
productivity and Azure Active Directory controls access to most. One of
the most important decisions you will make when deciding to venture into
the Microso cloud is how to synchronize identities and authenticate with
Azure Active Directory (AD).
Ways to Synchronize
There are two ways to synchronize. All Azure AD accounts are classified as
either "in cloud" or "synced" with Active Directory. The classifications are
self-explanatory, but note the caveats for each.
» Synced with Active Directory: A synced account is sourced from the
on-premises AD and its properties are synchronized with Azure AD via
Azure AD Connect, Microso's free synchronization tool, which matches
changes made in AD to the cloud. Synced accounts require a hybrid
Exchange server for managing Exchange properties as all changes
are made on-premises; and because using ADSI Edit for everyday
management tasks is highly inadvisable (and highly unsupported by
Microso). In this scenario, users will have a single username/password
pair to access Office 365 resources.
» In Cloud: An in cloud account is not connected to the user's local AD.
While the Office 365 username (generally the user's email address)
may match the on-premises user principal name, nothing keeps any
of the aributes of those accounts in sync. Passwords can diverge and
users may have to remember two sets of credentials. In cloud does not
require a synchronization tool and precludes the use of Active Directory
Federation Services (ADFS) or any other identity federation tools.
by Dominick Ciacciarelli of Kra Kennedy
Staying in Sync: How to Choose an Office 365 Authentication Method
Staying in Sync:
How to Choose an Office 365
Authentication Method