
Authentication: Microsoft Entra Cloud Sync

From sysadminafterdark docs

Revision as of 23:53, 29 May 2024


Authentication: Microsoft Entra Cloud Sync is a new offering from Microsoft designed to meet and accomplish your hybrid identity goals for synchronization of users, groups, and contacts to Microsoft Entra ID. It accomplishes this by using the Microsoft Entra cloud provisioning agent instead of the Microsoft Entra Connect application. You may learn more about Microsoft Entra Cloud Sync and the new features it offers by reading Microsoft's What is Microsoft Entra Cloud Sync? article.

Deployment

The following setup guide walks through a typical deployment process to synchronize an already configured Authentication: Active Directory domain with Authentication: Microsoft Entra Cloud Sync. It is HIGHLY recommended you view Microsoft's Install the Microsoft Entra provisioning agent article, as I have, to ensure you are using the correct agent for your environment and are following best practices. It appears deploying the agent on an Active Directory Domain Controller is fully supported now. Unfortunately, Servers: SAD-DC01 and Servers: SAD-DC02 are both utilizing Windows Server Core, which is still not supported. Future domain controllers in my environment will most likely follow suit, so I will be installing the agent on Servers: SAD-AUTH01, which, in addition to the agent, hosts Authentication: Microsoft NPS to authenticate Network: Road Warrior VPN.

Setup an additional Active Directory UPN

An Active Directory User Principal Name, or UPN, is a DNS domain name, often used to specify the Windows domain name. For example, the default UPN is internal.sysadminafterdark.com. To meet the prerequisites for syncing the directory with Entra, another UPN for sysadminafterdark.com must be added, and the UPN must then be changed for the users we would like to sync.
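
One way to script the change described above, as an added example that is not part of the original page. It uses the ActiveDirectory PowerShell module; the OU in `$SearchBase` and the parameter names are placeholders chosen for illustration, and nothing is changed unless `-Apply` is passed.

```powershell
#Requires -Modules ActiveDirectory
# Added example, not from the original docs. Run from a host with RSAT / the AD module.
param(
    [string]$OldSuffix  = 'internal.sysadminafterdark.com',
    [string]$NewSuffix  = 'sysadminafterdark.com',
    # Hypothetical OU holding the users to be synced; replace with your own.
    [string]$SearchBase = 'OU=SyncedUsers,DC=internal,DC=sysadminafterdark,DC=com',
    [switch]$Apply      # without -Apply every change runs with -WhatIf
)

$dryRun = -not $Apply

# 1. Register the additional UPN suffix on the forest if it is missing.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $NewSuffix) {
    Set-ADForest -Identity $forest -UPNSuffixes @{ Add = $NewSuffix } -WhatIf:$dryRun
}

# 2. Collect only the in-scope users that still carry the old suffix.
$users = Get-ADUser -SearchBase $SearchBase `
                    -Filter "UserPrincipalName -like '*@$OldSuffix'"

foreach ($user in $users) {
    $prefix = ($user.UserPrincipalName -split '@')[0]
    $newUpn = "$prefix@$NewSuffix"

    # 3. Skip the user if another account in this domain already owns the new UPN.
    $clash = Get-ADUser -Filter "UserPrincipalName -eq '$newUpn'"
    if ($clash) {
        Write-Warning "Skipping $($user.SamAccountName): $newUpn is already in use"
        continue
    }

    # 4. Change the UPN and emit a record of the old and new values.
    Set-ADUser -Identity $user -UserPrincipalName $newUpn -WhatIf:$dryRun
    [pscustomobject]@{
        SamAccountName = $user.SamAccountName
        OldUpn         = $user.UserPrincipalName
        NewUpn         = $newUpn
        Applied        = [bool]$Apply
    }
}
```

Review the dry-run output first, then rerun with `-Apply`; users outside `$SearchBase` keep the default suffix.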