Earlier this year we released a preview of DirSync password writeback for Self Service Password Reset. This service is a huge win for enterprises with thousands of devices that rely on federation or password hash sync to use Azure Active Directory Premium to reset on-premises passwords in Windows Server Active Directory. That description applies to a lot of enterprises, and you can check out the updated DirSync with Password Reset writeback here.
At the time of that blog post, this service was temporary. Since then we’ve launched Azure Active Directory Synchronization Services (AAD Sync).
AAD Sync is, in the Tolkeinesque parlance, “one sync service to rule them all.” This service syncs multi-forest Windows Server AD Deployments, and it can be used for all AAD, Office 365, and other Microsoft cloud service products. It makes synchronization even simpler while also managing very advanced capabilities, like support for combinations of directories (AD, LDAP, SQL, and others), as well as the power to remap and swizzle existing on-premises attributes.
The Active Directory Blog notes that recently released AAD Sync capabilities include:
- Active Directory and Exchange multi-forest environments can be extended now to the cloud.
- Control over which attributes are synchronized based on desired cloud services.
- Selection of accounts to be synchronized through domains, OUs, etc.
- Ability to set up the connection to AD with minimal Windows Server AD privileges.
- Setup synchronization rules by mapping attributes and controlling how the values flow to the cloud.
- Preview AAD Premium password change and reset to AD on-premises.
Also: Sign up to hear Alex participate in our upcoming webcasts about Enterprise Mobility.