This time around I'm in Norway teaching a course, but I thought, you know, I'm going to take a look at what's new and cool in Azure AD Connect version 2. So stick around, you might learn something. [Music]

Hi everyone, Ali Malone, Microsoft MVP as well as a Microsoft Certified Trainer. Thank you so much for joining me. This is where it all happens. This is where I teach, well, one of the places anyway, and I just wanted to get together with you this week to talk about Azure AD Connect version 2. It's a major upgrade by Microsoft that's, well, it kind of started out life as, uh, DirSync, then it was Azure AD Sync, and then it became Azure AD Connect. But all along it's been on old versions of Windows Server, Windows Server 2008, 2012 and so on, and it also came bundled with older versions of SQL Server Express. This time around things have changed, so SQL Server 2019 is the bundle that it comes with, and the fact that you can no longer install it on anything less than 2016 and 2019 versions of Windows Server. So what, how does it install? I thought I'm going to cover that in the video and just talk about some of the new features.

So if you've not subscribed, of course, please go ahead, click on that subscribe button up there, ring that bell, and you're guaranteed not to miss out on the good stuff in the future. And as always, I love your feedback, so any questions, any comments, get them down below and I will do my best to answer them. So let's take a look at the demo and I'll be back at the end to round things up. Enjoy.

Okay, so let's take a look at installing Azure AD Connect version 2.0. So I'm starting here in Microsoft 365 and I'm going to head down into the admin center and I'm going to switch over into Azure Active Directory. Now, you could actually install this through Microsoft 365, but it goes through a number of setup checks which, to be honest, are a bit of a pain, so I prefer just to scroll down here and they've come into Azure AD Connect here. Now, you've got a couple of ways of installing it: you
can also do a cloud install, so there's the Azure AD Connect sync tool, which is really nice, and if you've not seen that, go ahead and look at one of my other videos. But for the purpose of this demo I'm going to go ahead and download the actual product itself. Now, just to let you know, as I've mentioned, the prerequisites for this: you must be running Windows Server 2016 or 2019, and you also, just so you know, it comes with a version of SQL Server Express, which is the latest version of that. Okay, so if you're running an older version then it's not going to work. So I'm just going to go ahead and just install that, and now I'm going to go in and configure it.

All right, so first up then, you were in Azure AD Connect here and I'm just gonna go ahead and accept the license, um, which is fine, and you can do an express setup or you can do a custom setup. Again, for the purpose of this demo I'm gonna, I'm gonna go ahead. You could, if you've got an existing SQL Server, if you've got a large number of users, I definitely recommend creating an existing service account here. Um, for the purpose of this little demo, though, I'm just going to go ahead and do the express setup.

So first up, you need to put in your admin username and your admin password, and this must be a global admin. All right, so in Microsoft 365 or Azure you need to have that global admin account. All right, so clicking Next, and you can see this, the setup experience. If you've not installed Azure AD Connect before, it's a pretty similar experience to what it was previously. And now it's automatically detected that I want to join a domain, an Active Directory domain, so in this case I'm just logging on to contoso, which is my internal. Again, for the purpose of this demo I'm just running with a demo domain name here, but in reality you would have done some preparation in advance. So it shows you what it's going to do, and I've got, okay, I'll go ahead and click on Configure and it will now go off and do that for me.

Okay, so configuration is complete, so
I'll go ahead and click on Exit. Just to remind you that if you're running Active Directory, to go ahead and engage that recycle bin, and remember the recycle bin allows you to delete objects and then be able to restore them.

So going back into Azure AD, I'm just going to go into my user accounts here, and it takes a couple of moments and you just refresh the page, but pretty much you'll see that my users will now start to sync in, and also your groups as well. Now, the one thing, of course, that doesn't come in are devices, and you need to, basically there are two things that you need to do.

Now, as you can see, I've gone into my Microsoft 365 account here and, to be honest, it's pretty much the same. You get the same settings. You'll notice that there was an on-premises directory sync account there. Again, this is a service account, so you don't really need to do anything with that, if I have to be honest with you. All right, so just to show you that it is the same Azure Active Directory, everything's the same and everything works.

Now, just to mention that once the accounts have come in and synced, so here I've got Aaron, the one thing that the sync tool does not do is it doesn't license the users, so it's really important that you come in here and you obviously assign the appropriate license. Now, do remember that if you don't assign licenses you're not being charged for them. You're only charged from the point that when you actually go ahead and assign them. So, really important, don't forget to assign your users. And also, by the way, I'm often asked this question: "Andy, if I don't assign a license, can my users actually still log in?" And the answer is yes, but obviously they won't have any apps. So if any of you are planning to do the Microsoft exam, um, that always comes up as a question.

Okay, now the next thing I want to do is I want to enable, um, device synchronization. So how we do this, there's a couple of places that we need to switch this on, so I'm going to go into Tools and I'm going to
go into my Group Policy Management here. Now, um, just to mention that I do have users and groups and, you know, if you were, for example, if you had Intune and you wanted to manage machines as hybrid joined machines, then it's really important that you set this up.

Now, just while I'm here in Azure AD, I just wanted to mention, because the sync was finished, that you'd go ahead and enable that recycle bin, so that was just to remind you to do that. Now, just to remind you that this is an irreversible action, so if you go ahead and do that you can't undo it, but it basically means that if you delete an object from Active Directory it will delete it from the portal, but you'll be able to restore them back so you don't have any broken objects.

So here I am. I'm going to go into Group Policy on my domain controller, I'm going to expand my Default Domain Policy and I'm going to edit this. So there are a couple of places where you need to switch this on, so I'm going to go into Policies and Admin Templates, and in the Admin Templates I'm going to go into Windows Components and I'm going to go into Device Configuration, or Device Registration I should mention. So I want to register my on-premises computers as devices in Azure AD. Okay, so what's happening is it will turn these into hybrid devices, so that's the first place that you need to switch on. And just to remind you, just do a quick, um, gpupdate /force, so just to update Group Policy, so that's what I'm doing here. Right, so just GP forward slash force. Up, yep, there we go, great. So I'm just going to close that down, and that was the first place that you need to go.

The second place I need to go is in Azure Active Directory Connect, so I need to go back into Azure AD Connect, and this is one of the great things about this tool, is that if you make a mistake or you want to go back and change something, it's really easy to do that. So we simply just click on Configure, and for this demo I'm just going to come here and I'm going to choose, um, device
options. Okay, so I'm going to go into Configure device options. So there's other things: you can change the way the user signs in, for example, if you want to go into federation and so on, and so again you can change that, you know, the way the user signs in there. And just to show you that, actually, so let me just log in here just so that you can see that, and this is quite, uh, quite good to see, actually. Just put in the right password, of course. All right, so you can see here I'm currently in password hash synchronization. You can change to PTA, which is pass-through authentication. I can also enable single sign-on, so if you're using Windows 10 devices, um, that's great. All right, so to enable single sign-on I just simply go into my administrator account and I just need to put in my, um, on-premises credentials, and I'm going to go ahead and start the synchronization process, and there we go. Okay, so I'm just going to give it a moment and then I'm going to go back in. Now, just to say that if you do get an error message, it's just to let you know that it's probably still syncing.

All right, so for the device options that I mentioned earlier, I'm going to go into the device options and you have two options: do you want to enable hybrid, or do you want to enable device writeback? So for this demo I'm choosing hybrid, of course, and just put in my global admin credentials. Okay, and you can see, I want to configure hybrid or device writeback and so on, so for this one I'm choosing the top option and I'm clicking Next. Um, it's Windows 10 devices, so domain joined, yep, that's fine. I'm going to click Next and I'm going to choose, just click on contoso, so that's the name of my domain, and I'll click on Add. You need to say, I want to sync it with Azure Active Directory, and I'm now prompted for my username and my password. Okay, now you'll also notice that below it actually generates a PowerShell script, which is really useful, actually. Um, so I'm going to go ahead, I'm done, click on Next, and there we go. Now, this
can take just a few moments, um, so it, you know, for the, once it starts to sync you will then see the devices start to appear. So I get a green light, everything looks good, and that's it, it's now synced. So that's it, that's how you sync those devices in.

Now, what I'm going to do is I'm just going to flip back into my portal, and again the sync process will take a little bit of time, and what I can do is go back into Azure Active Directory here, and in Azure AD there's a few things again that you need to just enable here. All right, so I'm going to go into Azure AD, I'm going to scroll back down and I'm going to click on Mobility (MDM and MAM), so this is mobile device management and mobile application management, and this is basically where I'm saying, hey, I'm going to allow all my users to join my organization, and likewise so they can install any applications as well. All right, so again I'm just going to click on Save, and you can see it generates the links for your users, so if you want them to be able to join their devices, that's great. And I'm also going to click on the mobile application management and I'm going to say yes, my users can use mobile application management. All right, so that's that done.

Now, there's also some other things that you can do here. You can configure things like company branding. Um, you can also set up things like, um, you know, roaming profiles here as well.

And I'm just gonna flip over here into my C drive, and one of the nice things about Azure AD Connect is, if I come into my C drive and into Program Files, you'll notice that in here it actually installs a folder called Azure AD Sync, and in the Azure AD Sync folder, um, there is actually a UIShell, and you can see this is the tool that installs what we call the Synchronization Service Manager. And in here you can actually, this is kind of a graphical sync tool, so I can say, yep, I want to run the sync tool, and I can choose either a full or a delta synchronization. Okay, and with that delta synchronization I can just run
that tool and it will go off and it will perform a synchronization, and this includes any device, so this will include the devices. Now, if I go and refresh the display, you can see that we're starting to see those devices come in, and it just takes a little bit of time for those devices to come in.

All right, so there you have it, a little bit of Azure AD Connect version 2.0. That's the latest sync tool from Microsoft. I really hope you enjoyed this and that you learned something. Now, if you did, of course, I love your feedback, so go ahead, uh, click on the subscribe button, ring the bell, and you won't miss out on the good stuff in the future, and who knows where I'll be next time. Okay, comments, questions about any of my videos, please get them down below, uh, and I'd love to hear your feedback. All right, so until next time, you stay safe and I'll see you out there. Take care.

Thanks for dropping by. Hope you enjoyed the video. Go ahead and click on the subscribe button and ring that bell and you won't miss a thing. See you next time. [Music]
