Sunday, August 2, 2015

Part 5: Sync On-Premises AD to Intune portal

To use Microsoft cloud services and their benefits, we need to integrate the On-Premises Active Directory with Azure AD. Doing this also gives us the following benefits:
        - Simplified cloud-based administrative tasks
        - Simplified end user application management
        - Better end user experience
        - Enable single sign-on capabilities
        - Mobile device management and device enrollment

To sync On-Premises Active Directory with Microsoft Intune, we need to install DirSync and run the synchronisation.
We can use the DirSync tool that was downloaded earlier from the Microsoft Intune portal.
1. Install the DirSync tool by running DirSync.exe as Administrator
1.1 Click Next on the Welcome page
1.2 Click Accept on Microsoft License Terms then click Next
1.3 Choose the installation folder then click Next
1.4 The installation will start; it will take some time
1.5 Click Next on the Installation Complete window
1.6 Click Finish on the final page.
2. By default, the configuration window will launch upon successful installation of the DirSync tool.
    Otherwise, launch the DirSync tool as Administrator to sync On-Premises Active Directory to
    Microsoft Online Services
2.1 Click Next on Windows Azure Active Directory Sync tool Configuration Wizard Welcome page
2.2 Enter Microsoft Intune subscription login details on Windows Azure Active Directory   
      Credentials page then click Next
2.3 Enter your On-Premises AD credentials on Active Directory Credentials page then click Next
2.4 Click Next on Hybrid Deployment page
2.5 Select Enable Password Sync on Password Synchronization page then click Next
2.6 The tool will start configuring the sync. When the configuration has completed, click Next
2.7 The Finished window will sync On-Premises Active Directory to Microsoft Online Services
2.8 Wait a few minutes, then log on to the Microsoft Intune portal.
      Then click on Users in the left panel of the Microsoft Intune portal
      You should be able to see the synced users from On-Premises AD on the right side of the
      workspace. This confirms that the DirSync tool is working as it should.
3. Now click on intune user (the user we have created in AD for testing) in the Microsoft Intune portal,
   then click on Settings
3.1 Assign a role from the Settings tab.
      Typically, to use the online services, the user sign-in status should be set to Allowed. Otherwise
       the user won't be able to use the online services
If you want to give the user administrative roles, the following roles can be assigned.
     Click on Save when done.
3.2 Now the intune user is allowed to access Microsoft online services with the company email ID
      and password.
      To make changes to multiple users in one go, select the required users then click on "Activate
       Synced Users"
4. On a mobile device, the user should now be able to log on and enroll their device
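
The portal checks in steps 2.8 to 3.1 can also be done from PowerShell. This is an added example, not part of the original post: a read-only audit that lists every synced account with its sign-in status and any administrative roles. It assumes the MSOnline PowerShell module is installed and that you sign in with the Microsoft Intune subscription login used in step 2.2; the variable names are illustrative.

```powershell
# Added example: read-only audit of the result of the DirSync steps above.
# Assumption: the MSOnline module is installed on this machine.
Import-Module MSOnline
Connect-MsolService   # prompts for the Microsoft Intune subscription login

# Tenant-level view: is directory sync on, and when did it last run?
$company = Get-MsolCompanyInformation
[pscustomobject]@{
    DirSyncEnabled      = $company.DirectorySynchronizationEnabled
    LastDirSync         = $company.LastDirSyncTime
    PasswordSyncEnabled = $company.PasswordSynchronizationEnabled
    LastPasswordSync    = $company.LastPasswordSyncTime
} | Format-List

# Map each member's object ID to the administrative roles it holds.
$rolesByUser = @{}
foreach ($role in Get-MsolRole) {
    foreach ($member in Get-MsolRoleMember -RoleObjectId $role.ObjectId) {
        $key = $member.ObjectId.ToString()
        if (-not $rolesByUser.ContainsKey($key)) { $rolesByUser[$key] = @() }
        $rolesByUser[$key] += $role.Name
    }
}

# Every account that came from On-Premises AD, with sign-in status and roles.
$report = Get-MsolUser -All -Synchronized | ForEach-Object {
    [pscustomobject]@{
        UserPrincipalName = $_.UserPrincipalName
        SignInAllowed     = -not $_.BlockCredential
        LastDirSync       = $_.LastDirSyncTime
        AdminRoles        = ($rolesByUser[$_.ObjectId.ToString()] -join ', ')
    }
}
$report | Sort-Object UserPrincipalName | Format-Table -AutoSize

# Synced accounts that can sign in and hold an admin role deserve a second look.
$report | Where-Object { $_.SignInAllowed -and $_.AdminRoles } |
    Format-Table -AutoSize
```

The last table should contain only the accounts you deliberately gave administrative roles in step 3.1; anything else in it is worth reviewing before more users are activated.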

The remaining parts of this article are here
