Ask the Community
Groups
Hybrid AD Integration - Connect IT Community | Kaseya
<main> <article class="userContent"> <p><span data-contrast="auto">BMS can automatically create and sync client and employee records based on the users that are defined in one or more Active Directory tenants. BMS integrates with cloud-based or hybrid identity environments, so if you have on-premises Active Directory only, you will need to sync it with Azure AD via Azure AD Connect and then sync BMS to Azure AD. </span>This article covers the setup for Azure AD Connect. Once complete, you will need to continue with<span data-contrast="auto"> <a rel="nofollow" href="https://kaseya.vanillacommunities.com/kb/articles/aliases/kaseya/hc/en-gb/articles/360009901418">Azure AD Integration</a>.</span></p> <p><img src="https://us.v-cdn.net/6032361/uploads/migrated/DWIDLP7VHIWA/mceclip0.png" alt="mceclip0.png" class="embedImage-img importedEmbed-img"></img></p> <p><strong>Note</strong>: To retry the following steps, uninstall the existing synchronization service, Azure AD Connect, and health engine from the control panel.</p> <ol><li>Create and verify your custom domain name.</li> <li>Download AD Connect on your on-premise machine from <a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fdownload%2Fdetails.aspx%3Fid%3D47594">Microsoft Download Center</a>.</li> <li>Start the installation on the on-premise server.</li> <li>Use the recommended default settings by clicking <strong>Use Express Settings</strong>.</li> <li>Enter your global administrator Active Directory credentials.</li> <li>Enter your on-premise administrator account.</li> <li>If you didn’t verify your custom domain, it will be listed as Not Verified, but you may continue.</li> <li>Check the <strong>Start the sychronization process…</strong> box, and then click <strong>Install</strong>.</li> <li>Once the installation is finished, go to PowerShell and check your scheduler settings by using the following command. The default scheduler cycle interval is 30 minutes.</li> </ol><pre class="code codeBlock" spellcheck="false" tabindex="0">Get-ADSyncScheduler</pre> <ol start="10"><li>To initiate a Delta Sync by force, go to PowerShell and enter the following command.</li> </ol><pre class="code codeBlock" spellcheck="false" tabindex="0">Start-ADSyncSyncCycle -PolicyType Delta</pre> <ol start="11"><li>If you did not enable the initial sync in Step 8, you can enter the following command.</li> </ol><pre class="code codeBlock" spellcheck="false" tabindex="0">Start-ADSyncSyncCycle -PolicyType Initial</pre> <ol start="12"><li>To monitor and check logs, go to Synchronization Service Manager, which was implemented during the installation of Azure AD Connect.</li> <li>Go to Azure AD and check the user list. You should see all on-premises Active Directory users.</li> </ol> </article> </main>