Azure Application Proxy – Part 4

Setting up Azure Active Directory Sync

The first step is to add a “custom domain” to Azure Active Directory in preparation for directory synchronization.

In this sequence we will add our custom domain (in my case “andyt.work”) to the default directory we were assigned when we created a new Azure account.

Log in to the “old” portal https://manage.windowsazure.com

Select Active Directory from the left hand icons and then ensure the Default Directory is selected.


Now ensure one of your cloud users has “Global Admin” rights over the directory. Here I have a user called “admin” that has that capability:


Now enter the “Domains” section of the Default Directory and click the Add button at the bottom of the screen.


Enter the domain name you own and click “add”.

The next step involves creating a TXT record with your domain registrar. The details of the TXT record are shown on screen. There is also a link to a web page describing how to add the required TXT record at various domain registrars.

Once you have added the TXT record and waited a while for it to propagate, click “Verify”.
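Before clicking “Verify” you can confirm that the record is actually visible. The following PowerShell is an added example, not part of the original post: it asks the domain's authoritative name servers and two public resolvers for the TXT record and reports where the expected value is present. The function name, the resolver addresses and the placeholder value are assumptions; paste in the exact value shown on the portal's verify screen.

```powershell
# Added example: check where the verification TXT record is visible.
# Function name, resolver list and the placeholder value are assumptions.
function Test-VerificationTxt {
    param(
        [Parameter(Mandatory)] [string] $Domain,
        [Parameter(Mandatory)] [string] $ExpectedValue,   # value shown on the verify screen
        [string[]] $Resolvers = @('8.8.8.8', '1.1.1.1')   # public resolvers (assumed choice)
    )

    # Authoritative name servers answer without waiting for caches to expire.
    $authoritative = Resolve-DnsName -Name $Domain -Type NS -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'NS' } |
        Select-Object -ExpandProperty NameHost

    # Drop empty entries in case the NS lookup returned nothing.
    $servers = (@($authoritative) + $Resolvers) | Where-Object { $_ }

    foreach ($server in $servers) {
        $strings = @()
        try {
            # A TXT record can be split into several strings; join them back together.
            $strings = Resolve-DnsName -Name $Domain -Type TXT -Server $server -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'TXT' } |
                ForEach-Object { $_.Strings -join '' }
        } catch {
            Write-Warning "Query to $server failed: $($_.Exception.Message)"
        }

        [pscustomobject]@{
            Server  = $server
            Found   = $strings -contains $ExpectedValue
            TxtSeen = $strings -join ' | '
        }
    }
}

# Placeholder value: replace with the exact string displayed in the portal.
Test-VerificationTxt -Domain 'andyt.work' -ExpectedValue '<TXT-value-from-portal>' |
    Format-Table -AutoSize
```

If the authoritative servers show the value but a public resolver does not, the record is correct and only propagation is pending.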


Having completed the verify process, you should see the domain listed as verified. You can now switch the assigned primary domain to your custom domain using the “Change Primary” button at the bottom of the screen.


Specify your domain as the new primary and press the tick button to confirm.


We have now registered our domain and made it the primary.

The next step is to synchronize our on-premises Active Directory domain with the Azure-hosted Active Directory.

Navigate to the Directory Integration section of the Default Directory, enable Directory Sync, and click Save.


Next, download the AD Connect tool to one of your domain controllers or a domain-joined machine/VM from:

https://www.microsoft.com/en-us/download/details.aspx?id=47594

Run the wizard.


The AD Connect wizard has an Express setup option, which is sufficient for most cases.


Enter the credentials of your Azure user that has Global Admin rights that we set up earlier (“admin” in my case).


Enter the credentials of the local domain administrator.


Finish by clicking Install.


Back in the Azure portal you should now see any local users defined in your Active Directory domain also appearing in the users section of the Default Directory:


Your directory is now “synced” with Azure Active Directory. Users can sign on to cloud-based applications using their username (email address) and the same password they use on premises to sign on to your local domain.
