none
Connect Sharepoint on Azure & Users (AD) On Premises

    Question

  • Platform   Sharepoint 2013

    Requirement to Connect to Sharepoint Farm in Azure but AD is in On premises

    Install Azure Adconnect (pass-thru authentication) and establishes the connection (dir sync)But still could not give the users access permission from on premises AD on Sharepoint.

    Azure AD is built with domain controller ,SQL and Sharepoint ..package selected as Non-HA Sharepoint farm from azure.

    Any idea to setup the above .Appreciate if somebody can guide to setup the same.

    Thanks & Regards

    Gops

    Friday, April 14, 2017 7:13 PM

Answers

All replies

  • Hi Gops,

    To use on-premises AD users in SharePoint Azure farm, we need to sync on-premises AD to Azure AD.

    According to your description, after sync, can you see the AD users when go to Users >Active Users in Office 365 portal?

    Please follow the steps by steps in the article below to make sure you sync on-premises Active Directory to Azure Active Directory with Azure AD Connect correctly:

    https://www.codetwo.com/admins-blog/how-to-sync-on-premises-active-directory-to-azure-active-directory-with-azure-ad-connect/

    Best regards,

    Grace Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, April 17, 2017 6:11 AM
  • We are not using office 365 environment

    We used the AAD connect and connected to Azure directory (default).But SharePoint installed have its own AD in azure (non HA farm).Now we could see only the people inside that AD (related to SharePoint) to give permissions on Sharepoint.But we sync our on premises AD with azure directory .We are trying to give permissions to users from azure default directory. As it already synced with On site AD ,we are trying to could give permission to those users in Azure default directory

    Monday, April 17, 2017 6:48 AM
  • Hi Gops,

    To connect On-premises AD with AD in Azure virtual network, I suggest you extending On-Premise Active Directory network to Windows Azure virtual network.

    Refer to the articles below:

    https://technet.microsoft.com/en-us/library/dn786406.aspx

    https://blogs.technet.microsoft.com/keithmayer/2013/01/20/step-by-step-extending-on-premise-active-directory-to-the-cloud-with-windows-azure-31-days-of-servers-in-the-cloud-part-20-of-31/

    Best regards,

    Grace Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    • Marked as answer by Gopakumar0 Wednesday, April 19, 2017 4:27 PM
    Monday, April 17, 2017 10:39 AM
  • Sorry that our requirement is little very selective.

    We don't want to extend the AD and we don't want the password of users  to be sync with Azure.hence we choose pass-thru authentication

    We searched quiet a lot but could not get the design what we require...or what we aim to get.

    Closer solution is below link

    https://technet.microsoft.com/en-us/library/dn635311.aspx

    Looks like if we successfully implement as per above link may be we could connect to Azure  Sharepoint by our on premises users.

    Kindly advise

    Monday, April 17, 2017 2:38 PM
  • So, you want SharePoint in Azure and to use AD identities from your on-prem AD instance.

    Extending AD is the simplest, cheapest and best way to do this. This would not use ANY Azure AD, just an AD controller in the Azure environment that you'd connect to your network.

    If you are not using the extended system then yes, you could use AAD as an identity provider as that link suggests.

    Monday, April 17, 2017 2:55 PM
  • Yes Exactly as you have mentioned ..exactly want SharePoint in Azure and to use AD identities from our on-prem AD instance.

    Extending AD requires site to site VPN which is not allowed in our organization.

    We will try the steps as mentioned in the link and hopefully we will be able to succeed the connectivity to Sharepoint on Azure for the  on premises users.

    Thanks 

    Gops


    • Edited by Gopakumar0 Monday, April 17, 2017 4:01 PM
    Monday, April 17, 2017 3:56 PM
  • Am marking as answer for Grace WR's comment  as even tough its not suiting for my environment ,it will be helpful for others 
    Wednesday, April 19, 2017 4:27 PM