Devdocs download6/5/2023 ![]() ![]() To use password writeback and enable the self-service password reset (SSPR) service to detect the cloud sync agent, use the Set-AADCloudSyncPasswordWritebackConfiguration cmdlet and the tenant’s global administrator credentials: Import-Module "C:\\Program Files\\Microsoft Azure AD Connect Provisioning Agent\\" ![]() Enable password writeback in Azure AD Connect cloud sync To configure a new agent, see Create a new configuration for Azure AD Connect cloud sync. Under Services, make sure that Microsoft Azure AD Connect Agent Updater and Microsoft Azure AD Connect Provisioning Agent are present and the status is Running.Īfter you've installed the agent, you must configure and enable it before it will start synchronizing users.Open Services either by navigating to it or by going to Start/Run/Services.msc.Sign in to the server with an administrator account.To verify that the agent is running, follow these steps: Verify that the agent is displayed and the status is healthy. On the cloud sync page, you'll see the agents you've installed.Select Azure AD Connect, and then select Cloud sync.To verify that the agent is being registered by Azure AD, follow these steps: If you still get the initial splash screen, select Close.Īgent verification occurs in the Azure portal and on the local server that's running the agent.Once this operation completes, you should be notified that Your agent configuration was successfully verified. This operation will register and restart the agent. On the Configuration complete screen, select Confirm. The following screenshot shows an example of configured domain.This operation will add your on-premises directory. In case the password expires or changes, you'll need to reconfigure the agent with the new credentials. The domain administrator account shouldn't have password change requirements. Sign in with your Active Directory domain administrator account. Otherwise, type your Active Directory domain name, and select Add directory. On the Connect Active Directory screen, if your domain name appears under Configured domains, skip to the next step. Use custom gMSA and provide the name of the managed service account.To use this option, enter the Active Directory domain administrator credentials. The group managed service account (for example, CONTOSO\provAgentgMSA$) will be created in the same Active Directory domain where the host server has joined. ![]()
0 Comments
Leave a Reply. |