What is Azure AD Connect (Microsoft Entra Connect)?

 Azure AD Connect, now known as Microsoft Entra Connect, is a tool that allows you to connect your on-premises identity infrastructure, like Active Directory, to Microsoft Entra ID (formerly Azure Active Directory). This lets you manage user identities across both your cloud-based resources (like Microsoft 365) and your on-premises resources in a single location.

What Entra Connect does:

• Connects identities: It synchronizes accounts and groups between your on-premises directory and Azure AD.
• Single sign-on: Users can sign in to both cloud and on-premises resources with the same credentials.
• Simplified management: You can manage user accounts from a central location.

Note: If you're using Azure AD Connect V1, it's important to note that Microsoft retired it on August 31, 2022. You should upgrade to the latest version of Microsoft Entra Connect V2 to ensure continued support and security.

How it works?

• Installation: Entra Connect is installed on a server in your on-premises environment.
• Connectors: It creates connectors to both your on-premises Active Directory and Azure AD.
• Synchronization: Entra Connect reads data (user accounts, groups) from your on-premises AD.
• Filtering and Transformation: It can filter and transform the data based on your configuration. For instance, you might exclude certain user groups from syncing.
• Synchronization Direction: By default, it uses a one-way synchronization, hashing passwords on-premises before sending them to Azure AD. This means password changes are made on-premises and reflected in Azure AD.
• Azure AD Update: The synchronized data is then updated in Azure AD.

This synchronization allows users to have a single identity that works for both cloud and on-premises resources. They can sign in with the same credentials, simplifying access management for your organization.

Note:

• Entra Connect doesn't synchronize everything. It typically excludes things like group policy objects and specific attributes you choose.
• There are other features besides core directory synchronization, like federation integration and health monitoring.