Directory integration overview

 

Today, Microsoft cloud services such as Office 365 rely on the directory integration and identity management capabilities provided by Azure Active Directory. These capabilities include a cloud-based store for directory data and a core set of identity services, including user logon processes, authentication, and federation services.

If your organization subscribes to Office 365 and uses an on-premises directory service, you can integrate your directory with the Azure Active Directory instance that is associated with your Office 365 tenant to automate hybrid cloud-based administrative tasks and to provide your users with a more streamlined sign-in experience.

Azure Active Directory supports the following three directory integration capabilities and tools that can be used with Office 365:

  • Directory synchronization—Used to synchronize on-premises directory objects (users, groups, contacts) to the cloud to help reduce administrative overhead. For more information about the advantages of using directory synchronization, see Directory synchronization roadmap.

    Once directory synchronization has been set up, Office 365 admins can provision directory objects from your on-premises Active Directory into the Azure Active Directory instance associated with your Office 365 tenant.

    For general information about directory sync, see Configure directory synchronization.

  • Single sign-on (SSO)—Used to provide users with a more seamless authentication experience as they access Microsoft cloud services while logged on to the corporate network. To set up single sign-on, organizations need to deploy a security token service on premises. For more information about security token services that work with Azure Active Directory, see Single sign-on roadmap.

    Once single sign-on has been set up, users can use their Active Directory corporate credentials (user name and password) to access the services in the cloud and their existing on-premises resources.

    For general information about single sign-on, see Configure single sign-on.

  • Windows PowerShell cmdlets—Used to accomplish many Office 365-based administrative tasks, such as user and domain management. A number of Azure Active Directory-specific cmdlets control the identity, group, and subscription-level configuration of your Office 365 tenant.

    For general information about which cmdlets are available for use with Office 365, see Windows PowerShell cmdlet descriptions.

For more information about ways you can use directory integration in your organization, see Directory integration scenarios.