MIM Sync

  • Question

  • Hi,

    I have two questions of a similar kind. I know we can sync data from on-premises AD to the MIM portal and vice versa. Also, we can sync data from on-premises AD to SQL. But:

    1. Can we sync data from SQL DB to Azure AD?

      1a. If yes, how?

      1b. If no, what are the other ways?

    2. Can we sync data from SQL DB to on-premises AD?

    Thanks

    Tuesday, November 19, 2019 7:08 AM

All replies

  • Hi,

    1. Sure. Use the MIM Generic SQL Connector and pull data into the metaverse. Then either push it to on-prem AD and let AAD Connect sync it to Azure AD, or use e.g. a PowerShell connector and push the data directly to Azure AD.

    2. Sure. Use the MIM Generic SQL Connector and pull data into the metaverse, then flow it to on-prem AD.

    Br,

    Leo


    Did my post help? Please use "Mark as answer" or "Propose as answer". Thank you!


    Tuesday, November 19, 2019 7:26 AM
  • Hi,

    So what exactly do you mean by MIM Generic SQL connector? As per my knowledge, there are only MAs, which are used to sync data. Is it an MA too?

    Can I not use SQL MA and AD MA to sync data either way?

    Thanks

    Tuesday, November 19, 2019 9:06 AM
  • Hi Biswajeet,

    A Connector is the new official Microsoft name for a Management Agent (MA).

    You can use both the MS Generic SQL Connector and the ADMA to sync data either way.

    Br,

    Leo



    Tuesday, November 19, 2019 10:12 AM
  • Thanks so much for replying so quickly.

    Things just changed a little now: the user data (attributes and password) are in the SQL DB only. We cannot use AD to sync data to Azure AD.

    We need to create users in Azure AD using the data from SQL, which contains the users' encrypted password too.

    So what is the best way to achieve that, keeping the same user password and other attributes?

    Thanks again

    Biswajeet

    Tuesday, November 19, 2019 12:20 PM
  • Hi,

    Option 1. Pull data from SQL and sync it using e.g. the MS Graph Azure Connector to Azure. You'll need to unencrypt the password before provisioning the user to Azure.

    Br,

    Leo



    • Marked as answer by BiswajeetKumar Wednesday, November 20, 2019 12:23 PM
    Wednesday, November 20, 2019 8:19 AM
  • Thanks, I will give it a try. Although you wrote option 1, is there an option 2 too?
    Wednesday, November 20, 2019 12:23 PM
  • 1. SQL to Azure: You might want to use the Azure AD Connect product to accomplish this. There is a generic SQL connector out of the box. I have tested in a dev environment and it seems to work. I have had mixed results with the Azure AD MA in MIM 2016 and from what I understand it is not officially supported. Check with MS support for specifics.

    The MS Graph to Azure connector requires a premium Azure subscription.


    2. SQL to on-prem AD: This is out-of-the-box functionality for MIM 2016. Use the SQL MA to connect to any table/view and then set up your inbound sync rules as you would for any other MA.

    Friday, December 6, 2019 2:08 PM