When you use the MyCloudIT dashboard to configure Office 365 synchronization (Sync Users), in the back end, the MyCloudIT automation deploys the Azure AD Connect utility on your RDSMGMT server. During the Sync Users process, the MyCloudIT portal will prompt you for your Azure AD credentials during the configuration, then it will install the Azure AD Connect utility. According to Microsoft, the first synchronization of your directories can take up to 24 hours to complete. It usually does not take that long but keep that in mind as you are planning your deployment.
What is Azure AD Connect?
The short answer is that it synchronizes the Windows Server Active Directory created by MyCloudIT for your RDS deployment with your Office 365 directory (Azure AD).
The long answer is MyCloudIT uses a Windows Server Active Directory Domain controller to manage the Remote Desktop Session (RDS) infrastructure. We use a full Windows Server Active Directory Domain controller because RDS requires a full Active Directory to provide the full RDS capabilities. If you are using Office 365 and want to synchronize your Office 365 user directory (Azure AD) with your Windows Server Active Directory, MyCloudIT automates the install and configuration of the Azure AD Connect utility. By default, AD connect only synchronizes passwords from the Windows Server Active Directory to Azure AD, it does not include the ability to make password changes from Azure AD to Windows Server AD.
If you want two-way password synchronization, you need to configure Azure AD Connect for Password Write Back. We have provided the guidance on how to configure device writeback. But take note that password write back requires you to have at least the Azure AD Premium P1 features. You can view the full comparison table that shows the various Azure AD options.
Tips for Using Azure AD Connect
One of the common issues we encounter with Azure AD connect is the size of the actual RDSMGMT server. Azure AD Connect installs and utilizes SQL Express to manage the directory synchronization. SQL Express requires at least two vCPUs to be fully supported. Some people run SQL Express and Azure AD Connect on single core VMs, but performance will be far from acceptable in any type of production environment. Please check the size of your RDSMGMT Server. If the VM size is any of the single vCPU VM sizes, like A1, A1_v2, D1, D1_v2…, and you want to utilize Azure AD Connect, please upgrade your RDSMGMT server to at least a dual core CPU. The A2_v2 is an economical VM size, but I feel that the D2_v3 VM is the best price for performance offered by Azure at this time.
Make Sure to Double Check
Before you configure Office 365 synchronization through the MyCloudIT portal, or manually install the Azure AD Connect utility, please ensure your RDSMGMT server is at least a dual core VM. If you have any questions about the size or capability of your deployment, please feel free to reach out to us at tech-support@mycloudit.com and we will be happy to assist you. Feel free to also check out our User Guide for How-To, Knowledge Articles, and Best Practices.
Last Tip
I want to share one more tip for utilizing Azure AD Connect within the MyCloudIT portal. Since we automate all the typical issues, one of the most important things is having the correct size for your RDSMGMT server.
Want Future News and Updates Emailed Right to Your Inbox?
