This tutorial walks you through adding cloud sync to an existing hybrid identity environment. You can use the environment you create in this tutorial for testing or for getting more familiar with how a hybrid identity works.

In this scenario, there's an existing forest synced using Azure AD Connect sync to an Azure AD tenant. And you have a new forest that you want to sync to the same Azure AD tenant. You'll set up cloud sync for the new forest.

- Create a cloud-only global administrator account on your Azure AD tenant. This way, you can manage the configuration of your tenant should your on-premises services fail or become unavailable. Learn about adding a cloud-only global administrator account. Completing this step is critical to ensure that you don't get locked out of your tenant.
- Add one or more custom domain names to your Azure AD tenant. Your users can sign in with one of these domain names.
- Identify a domain-joined host server running Windows Server 2012 R2 or greater with minimum of 4-GB RAM and.
- If there's a firewall between your servers and Azure AD, configure the following items:
  - Ensure that agents can make outbound requests to Azure AD over the following ports:
    - Downloads the certificate revocation lists (CRLs) while validating the TLS/SSL certificate
    - Handles all outbound communication with the service
    - Agents report their status every 10 minutes over port 8080, if port 443 is unavailable. This status is displayed on the Azure portal.
  - If your firewall enforces rules according to the originating users, open these ports for traffic from Windows services that run as a network service.
  - If your firewall or proxy allows you to specify safe suffixes, then add connections to *. and *. If not, allow access to the Azure datacenter IP ranges, which are updated weekly.
  - Your agents need access to and for initial registration. Open your firewall for those URLs as well.
  - For certificate validation, unblock the following URLs: :80, :80, :80, and Since these URLs are used for certificate validation with other Microsoft products, you may already have these URLs unblocked.

Install the Azure AD Connect provisioning agent

If you're using the Basic AD and Azure environment tutorial, it would be DC1. To install the agent, follow these steps:

1. In the Azure portal, select Azure Active Directory.
2. Select Download on-premises agent, and select Accept terms & download.
3. Once the Azure AD Connect Provisioning Agent Package has completed downloading, run the AADConnectProvisioningAgentSetup.exe installation file from your downloads folder.
4. On the splash screen, select I agree to the license and conditions, and then select Install.
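The host and firewall prerequisites described above can be checked on the candidate server before the agent is installed. The script below is an added example, not part of the original tutorial or of Microsoft's tooling; the host names are placeholders (assumptions) that you replace with the endpoints your firewall or proxy rules are meant to allow.

```powershell
# Added example: pre-flight check for the host that will run the provisioning agent.
# Host names are placeholders (assumptions); substitute the endpoints covered by
# your firewall or proxy rules.
param(
    [string[]]$ServiceHosts = @('service-endpoint.example'),   # placeholder
    [string[]]$CrlHosts     = @('crl-endpoint.example')        # placeholder
)

function Test-OutboundPort {
    param([string]$HostName, [int]$Port, [string]$Purpose)
    # Test-NetConnection attempts a TCP connect and reports TcpTestSucceeded
    $r = Test-NetConnection -ComputerName $HostName -Port $Port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Check  = "Outbound TCP $Port to $HostName ($Purpose)"
        Passed = [bool]$r.TcpTestSucceeded
    }
}

$os = Get-CimInstance -ClassName Win32_OperatingSystem
$cs = Get-CimInstance -ClassName Win32_ComputerSystem

$results = @(
    [pscustomobject]@{
        # Windows Server 2012 R2 is NT version 6.3; ProductType 1 is a workstation SKU
        Check  = 'Windows Server 2012 R2 or greater'
        Passed = ([version]$os.Version -ge [version]'6.3') -and ($os.ProductType -ne 1)
    }
    [pscustomobject]@{
        # Usable physical memory reads slightly under the installed size, so round to whole GB
        Check  = 'At least 4 GB RAM'
        Passed = [math]::Round($cs.TotalPhysicalMemory / 1GB) -ge 4
    }
    [pscustomobject]@{
        Check  = 'Domain-joined'
        Passed = [bool]$cs.PartOfDomain
    }
)

foreach ($h in $ServiceHosts) {
    $results += Test-OutboundPort $h 443 'service communication'
    # 8080 carries the 10-minute status reports only when 443 is unavailable
    $results += Test-OutboundPort $h 8080 'status fallback'
}
foreach ($h in $CrlHosts) {
    $results += Test-OutboundPort $h 80 'CRL download'
}

$results | Format-Table -AutoSize
if ($results.Passed -contains $false) { exit 1 }
```

Run it from a session on the candidate server; if your firewall enforces rules by originating user, a pass from an interactive account does not prove that services running as a network service are allowed through.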