Configure Azure AD Connect: ADFS

Pre-Requirements

Configure Azure AD Connect

  1. Connect to the Domain Controller via Azure Bastion.

  2. Double-click the Azure AD Connect icon on the desktop to start the setup process.

  3. Agree to the license terms and privacy notice and continue.

  4. Click on the Customize option.

  5. Keep the defaults and click on Install.

  6. Select Federation with AD FS. We are going to use the on-prem AD FS server as the identity provider to handle federation services.

  7. Enter the Azure AD Global Admin credentials.

  8. Connect the on-prem forest. Verify the Forest name and click on Add Directory.

  9. Select the first option to create a new AD account. You have to enter the credentials of a domain admin in the on-prem environment.

  10. Keep the defaults and click Next.

  11. Select specific domains and OUs. Select the Users OU and click Next.

  12. Keep the defaults and click Next.

  13. Keep the defaults and click Next. Synchronize all users and devices.

  14. Keep the defaults and click Next.

  15. Enter the credentials of a domain admin in the on-prem environment.

  16. Choose Use an existing AD FS farm.

  17. Select the Azure AD domain to federate and click Next.

  18. Keep the defaults and click Install.

  19. After the Azure AD Connect configuration succeeds, click Next to verify the federation settings.

  20. Keep the defaults for now and verify federation connectivity from the intranet. Click Verify.

  21. That’s it! Click “Exit”.

Verify Federated Access

Azure AD Connect

  1. Browse to Azure portal

  2. Azure AD > Azure AD Connect

Azure AD Custom Domains

  1. Browse to Azure portal

  2. Azure AD > Custom Domain Names

Microsoft 365 Active Users

  1. Browse to Microsoft 365 Admin portal

  2. Users > Active Users
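
The three portal checks above can also be scripted so that the result is repeatable and the federation settings are captured as a baseline for later change review. The script below is an added example, not part of the original guide; it assumes the Microsoft Graph PowerShell SDK is installed, that the account can consent to the listed read scopes, and it uses `contoso.example` as a placeholder domain and a 3-hour sync-age threshold chosen for illustration.

```powershell
# Added example: scripted equivalent of the portal checks (not from the original guide).
# Assumptions: Microsoft.Graph SDK installed; 'contoso.example' is a placeholder domain;
# the 3-hour staleness threshold is an illustrative choice.
param(
    [string]$Domain = 'contoso.example',
    [int]$MaxSyncAgeHours = 3
)

Connect-MgGraph -Scopes 'Domain.Read.All', 'Organization.Read.All', 'User.Read.All'
$findings = [System.Collections.Generic.List[string]]::new()

# Azure AD Connect: directory synchronization is enabled and has run recently.
$org = Get-MgOrganization | Select-Object -First 1
if (-not $org.OnPremisesSyncEnabled) {
    $findings.Add('Directory synchronization is not enabled on the tenant.')
}
elseif ($org.OnPremisesLastSyncDateTime -lt (Get-Date).ToUniversalTime().AddHours(-$MaxSyncAgeHours)) {
    $findings.Add("Last sync is older than $MaxSyncAgeHours hours: $($org.OnPremisesLastSyncDateTime)")
}

# Custom Domain Names: the domain is verified and its authentication type is Federated.
$dom = Get-MgDomain -DomainId $Domain
if (-not $dom.IsVerified) { $findings.Add("$Domain is not verified.") }
if ($dom.AuthenticationType -ne 'Federated') {
    $findings.Add("$Domain authentication type is '$($dom.AuthenticationType)', expected 'Federated'.")
}

# Federation settings: confirm these URIs point at the intended AD FS farm.
$fed = Get-MgDomainFederationConfiguration -DomainId $Domain -ErrorAction SilentlyContinue
if (-not $fed) { $findings.Add("No federation configuration returned for $Domain.") }

# Active Users: count the accounts synchronized from the on-prem directory.
$synced = @(Get-MgUser -Filter 'onPremisesSyncEnabled eq true' -All -Property UserPrincipalName)
if ($synced.Count -eq 0) { $findings.Add('No on-prem synchronized users found.') }

[pscustomobject]@{
    Domain             = $Domain
    AuthenticationType = $dom.AuthenticationType
    IssuerUri          = $fed.IssuerUri
    PassiveSignInUri   = $fed.PassiveSignInUri
    LastSync           = $org.OnPremisesLastSyncDateTime
    SyncedUsers        = $synced.Count
    Findings           = $findings
}
```

An empty `Findings` list matches what the portal pages should show after a successful setup; keep the reported `IssuerUri` and `PassiveSignInUri` with the deployment notes so unexpected changes to the federation trust are easy to spot.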