none
Customize Azure AD Connector RRS feed

  • Question

  • Hello Friends,

    I am in a process where our management wants to migrate all FIM Management Agents to Azure AD Connector. Is it possible to customize all FIM MA to AzureAD Connector ? If yes, can any one please guide me or share any documentation would be appreciated and really helpful to me.

    Currently we have ADMA, SQLMA, Lotus Notes MA, Azure MA (DirSync) and Azure License MA (Powershell ) 

    Thanks & Regards,

    Pramod Chandra Das | IND


    With Best Regards, Pramod Chandra Das

    Saturday, December 10, 2016 9:32 AM

Answers

  • No.

    Azure AD Connect is used only (primarily - watch this space) to sync your on prem AD/AD's to Azure AD. So while on prem apps can AuthN to on prem AD all the Cloud apps (MS or others) can AuthN to Azure AD... sort of like two sides of a coin (separate but the same (I mean similar) Any who the configuration (Sync Manager tool) is different in AADC  so you cannot migrate or configure in a similar way to FIM/MIM MA's... The only MA that AADC is intended to replace is the WAADC (the MA that runs on FIM to sync to Azure AD). WAADC is not yet deprecated... another story.... but has over the years been replaced with a standalone sync solution to Azure called DIRSYnc then called ADSync (as I recall) and now called AADC... AADC can only be customized in the way it connects on prem AD's to Azure and attirbute flows you wnat to modify (but always copy the MS sync rules and modify as upgrades to AADC may impact oob rules that have been modified). There are some interesting differences (like you need an outbound sync rule join to export flows to on prem AD .. and ....... anyway I digress).

    No is the answer. I hope you see where AADC would sit alongside FIM/MIM ie to replace WAADC that is going away

    Nigel Jones

    Saturday, December 10, 2016 9:12 PM

All replies

  • No.

    Azure AD Connect is used only (primarily - watch this space) to sync your on prem AD/AD's to Azure AD. So while on prem apps can AuthN to on prem AD all the Cloud apps (MS or others) can AuthN to Azure AD... sort of like two sides of a coin (separate but the same (I mean similar) Any who the configuration (Sync Manager tool) is different in AADC  so you cannot migrate or configure in a similar way to FIM/MIM MA's... The only MA that AADC is intended to replace is the WAADC (the MA that runs on FIM to sync to Azure AD). WAADC is not yet deprecated... another story.... but has over the years been replaced with a standalone sync solution to Azure called DIRSYnc then called ADSync (as I recall) and now called AADC... AADC can only be customized in the way it connects on prem AD's to Azure and attirbute flows you wnat to modify (but always copy the MS sync rules and modify as upgrades to AADC may impact oob rules that have been modified). There are some interesting differences (like you need an outbound sync rule join to export flows to on prem AD .. and ....... anyway I digress).

    No is the answer. I hope you see where AADC would sit alongside FIM/MIM ie to replace WAADC that is going away

    Nigel Jones

    Saturday, December 10, 2016 9:12 PM
  • in addition to nigel, if you run a multi forest and use fim or mim to sync accounts between them, you should keep that part on your additional server. if you have a aadc setup to to azure , you must keep that on the separate server to. both products have a different scope and you can run them site by site doing their own tasks but you can not combine them into one.

    MCTS exchange 2013 | MCTS-MCITP exchange 2010 | MCTS-MCITP Exchange: 2007 | MCSA Messaging: 2003 | MCP windows 2000

    Saturday, December 10, 2016 9:38 PM
  • Thank you very much Nigel for a swift guideline.

    With Best Regards, Pramod Chandra Das

    Sunday, December 18, 2016 6:24 PM
  • Thank you Martijin for this advice. 

    With Best Regards, Pramod Chandra Das

    Sunday, December 18, 2016 6:24 PM