将Azure AD用户同步到本地AD
[英]Sync Azure AD users TO On-Prem AD
问题描述
I have Azure AD with about 50 users. 
我有大约50个用户的Azure AD。 These users were made when we purchased Office365. 这些用户是在我们购买Office365时创建的。 Let's say domain on Azure AD is example.com. 假设Azure AD上的域为example.com。 (username@example.com) Locally, we use on-prem AD to authenticate computers as well as the wirelss network via RADIUS. (username@example.com)在本地,我们使用本地AD通过RADIUS对计算机以及无线网络进行身份验证。 Let's say the local domain is corp.example.com. 假设本地域名为corp.example.com。 (username@corp.example.com) (用户名@ corp.example.com)
Now what I need is to unify the usernames and passwords. 现在,我需要统一用户名和密码。 I want usernames and passwords that are in Azure AD to be used on prem as well. 我也希望Azure AD中的用户名和密码也可用于Prem。 (So we let go of corp.example.com and move to example.com on both Azure AD and On-Prem AD). (因此,我们放弃corp.example.com并在Azure AD和On-Prem AD上都移至example.com)。
What is the process to achieve this result? 实现此结果的过程是什么? I am okay with making any changes to local or Azure AD as long as I get to use username@example.com for both for Azure AD and Local AD authentication. 只要我对Azure AD和本地AD身份验证都使用username@example.com,就可以对本地或Azure AD进行任何更改。
PS : my understanding is that locally you can't use a domain name that resolves to a website? PS:我的理解是,在本地您不能使用解析为网站的域名? (so I can't remake the on-prem AD to use example.com ? ) (因此我无法重新制作本地AD以使用example.com吗?)
1 个解决方案
解决方案1
0 2017-09-05 08:55:30
Sync Azure AD users TO On-Prem AD
For now, Azure does not support sync Azure AD users to on-prem AD (only support password write back and device write back). 目前,Azure不支持将Azure AD用户同步到本地AD(仅支持密码回写和设备回写)。
As a workaround, we can new create user same as Azure AD, and use Azure AD connect to sync this users to Azure AD, that will overwirte Azure AD user, in this way, user will use the same account to login your wirelss network. 解决方法是,我们可以新创建一个与Azure AD相同的用户,并使用Azure AD connect将该用户同步到Azure AD,这将使Azure AD用户不堪重负,这样,用户将使用相同的帐户登录您的无线网络。
For example, we can new create a user jasontest1@azure.onmicrosoft.com on your on-prem AD, user account same as your Azure AD. 例如,我们可以在本地AD上新创建用户jasontest1@azure.onmicrosoft.com ,该用户帐户与Azure AD相同。 After that completed, we can download Azure AD connect to sync on-prem user jasontest1@azure.onmicrosoft.com to your Azure AD. 完成此操作后,我们可以下载Azure AD连接以将本地用户jasontest1@azure.onmicrosoft.com同步到您的Azure AD。 Also the password will overwirte with on-prem password. 同样,该密码将被本地密码覆盖。
After sync completed, we can use new password to login your wirelss network with your Azure AD account. 同步完成后,我们可以使用新密码通过您的Azure AD帐户登录您的Wirelss网络。
Note : 注意事项 :
If we use this workaround, we should create a new user test it, make sure that will not effect your Azure AD account's other application. 如果使用此替代方法,则应创建一个新的用户对其进行测试,确保不会影响您的Azure AD帐户的其他应用程序。 Because AD sync will overwirte all attributes of your original Azure AD account. 因为AD同步将覆盖原始Azure AD帐户的所有属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.