将AD本地集成到Windows Azure
[英]AD on premises integration to windows azure
问题描述
I have a little confusion about directory sync which is used for AD azure integration. 
我对用于AD Azure集成的目录同步有些困惑。
1) Can anyone let me know, whether we can integrate complete on premises AD to windows azure AD using this? 1)谁能让我知道,是否我们可以使用此将完整的本地AD集成到Windows Azure AD? Or only users and groups? 还是只有用户和组?
2) If directory sync will not be helpful for complete AD integration what method will be used? 2)如果目录同步对完全AD集成没有帮助,将使用哪种方法?
1 个解决方案
解决方案1
2 已采纳 2018-03-15 18:40:28
Can anyone let me know, whether we can integrate complete on-premises AD to windows azure AD using this ?
Yes, your on-premises AD can be integrated with Azure AD (AAD) with AAD Connect tool. 是的,可以使用AAD Connect工具将本地AD与Azure AD(AAD)集成。 The integration needs prerequisites you can refer here https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-prerequisites . 集成需要先决条件,您可以在这里参考https://docs.microsoft.com/zh-cn/azure/active-directory/connect/active-directory-aadconnect-prerequisites 。 It means not all the cases can be done. 这意味着并非所有情况都可以解决。 For example, if you need to use password writeback functionality, your on-premises AD domain controller must be at least Windows Server 2008. Another prerequisite is that if your on-premises is using single label domain, it is not supported. 例如,如果需要使用密码写回功能,则本地AD域控制器必须至少为Windows Server2008。另一个前提是,如果本地使用单个标签域,则不支持该域。 Best to check the link above before the integration. 最好在集成之前检查上面的链接。
IF directory sync will not be helpful for complete AD integartion what methord will be used ?
AAD Connect provides set of features to help you build a comprehensive hybrid identity between on-premises AD and AAD. AAD Connect提供了一组功能,可帮助您在本地AD和AAD之间建立全面的混合身份。 However, if this doesn't meet your requirement, you can build some extensions programmatically to interact with AAD. 但是,如果这不符合您的要求,则可以以编程方式构建一些扩展以与AAD交互。 I don't know your preferred programming language, but here is the Authentication Library (ADAL) which is pretty much preferred for AAD development https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-libraries 我不知道您首选的编程语言,但是这里是身份验证库(ADAL),对于AAD开发而言,它是非常优选的https://docs.microsoft.com/zh-cn/azure/active-directory/develop/active目录身份验证库
AAD not only supports user and group sync, but also for custom attributes, filtering, password sync & writeback or so on. AAD不仅支持用户和组同步,而且还支持自定义属性,过滤,密码同步和回写等。 Remember AAD Connect is purposely for synchronization. 请记住,AAD Connect专门用于同步。 It does not offer too much for AAD interaction (saying that you need to manage, add more attributes or retrieve user attributes, 3rd integration...) 它并没有为AAD交互提供太多功能(例如,您需要管理,添加更多属性或检索用户属性,第三次集成...)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.