Using Azure Integration

I'm having issues understanding some of the documentation.

I'm basically stopped at Configuring BackSync.  What is this for?  The details do not help me understand what is happening.  What is being synced?  Accounts from Azure back to my AD?  Doesn't ADConnect already do some of this?

I'm also trying to understand how the integration with AzureAD works in Active Roles.  I'm confused from the start with account creation.  I'm almost scared to even try it.  It feels like I'm creating two different accounts.  The wizard for a new user starts with creating an AD account, then has a checkbox for creating an Azure account.  I don't want to create two different accounts; I want them to be synced by Azure.  Is this in relation to the BackSync from above?  I would like to know where I can read more about this.

  • The explanation of "why" for the Azure integration is definitely lacking.

    The purpose of the back sync is to help Active Roles to associate on-prem objects with their Cloud equivalents.  So essentially what you are configuring is a copying of the unique identifier of each Cloud object into a virtual attribute of the corresponding on-prem object stored in Active Roles.  This is a non-destructive process and will have no negative impact on either the Cloud object or the on-prem one.  It will, however, enable the Admin service to reach out to the Cloud object to read its properties and show them to you in the web UI.

    The object creation process you describe is indeed a bit peculiar given the realities of customer environments (most people do use AADC to keep their on-prem and tenant environments in sync).  It was likely originally designed for use cases where AADC was not present and so the "normal" provision on-prem-and-let-AADC-replicate flow of things doesn't apply.

    I hope this helps you a bit.

