Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2013-11-28) FIM 2010 R2: Windows Azure Active Directory Connector

Posted by Jorge on 2013-11-28

This new Windows Azure Active Directory connector (v1.0.6567.0002) was released by Microsoft on 21-11-2013 (dd-MM-yyyy).

When you have just one Active Directory Forest on-premises, it is preferred/recommended to use the out-of-the-box Directory Synchronization tool, which can be downloaded from the Office 365 Admin Portal by following this link (you must have an Office 365 subscription). More detailed information can be found through the DirSync/WAAD Sync Tool Wiki. Detailed release history can be found through this link.

When you have multiple Active Directory Forests on-premises, it is preferred/recommended to use the new version of the Windows Azure Active Directory Connector. You can download it from here. More detailed information can be found through the Windows Azure Active Directory Connector for FIM 2010 R2 Technical Reference. To understand how to configure the connector, see the Windows Azure Active Directory Connector for FIM 2010 R2 Quick Start Guide.

Another means of connecting to Azure Active Directory or Office 365 is the PowerShell Connector, which is made available by Soren Granfeldt. You can find more info and download it from here.

From a high level perspective, the following features are supported by the current release of the connector:

| Requirement | Support |
|---|---|
| Operating System Support | Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 |
| Other Required Software | Microsoft .NET 4.0 Framework; Microsoft Online Services Sign-In Assistant |
| FIM Version | FIM 2010 R2 (build 4.1.3496.0 and higher) ((2013-11-23) A Hotfix Rollup Package (Build 4.1.3496.0) Is Available for Forefront Identity Manager 2010 R2) |
| Data Source | Windows Azure Active Directory |
| Supported Scenarios | Object Lifecycle Management; Group Management. PS: Password Hash Sync NOT SUPPORTED |
| Supported Operations Against Data Source | Full Import; Delta Import. PS: Any form of password management NOT SUPPORTED |
| Schema | Fixed, not possible to add additional objects/attributes |

Table 1: Requirements And Supported Features

And if you get this….


Figure 1: Possible Error When Configuring The Azure AD Connector And Still Using An Old Version Of The Sign-In Assistant

then, see: Troubleshooting Azure AD DirSync Tool Configuration Wizard: Failed to get address for method: CreateIdentityHandle2

* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!