Azure AD Connect allows you to sync objects from your on-premises AD forest to Azure AD. This sync mainly includes Active Directory user accounts and groups. In the reverse direction, with a very limited capability, Azure AD can write data back to the on-premises Active Directory, e.g. password change updates. Beyond synchronization, it enables features such as SSO, Multi-Factor Authentication (MFA), Conditional Access and many more.
- On-premises AD: Active Directory, or AD for short, is the on-premises identity/authentication service. It is based mainly on the NTLM and Kerberos protocols.
- Azure AD: Microsoft's cloud identity/authentication service. It is based mainly on the OAuth and OpenID Connect protocols.
- AAD Connect: the engine that syncs identities from on-premises AD to Azure AD.
- The AAD Connect engine consists of:
  - Connector space
  - Metaverse
  - Connectors
  - Sync rules (inbound and outbound rules)
  - Import and export operations via connectors
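The following PowerShell session is an added example, not part of the original page, showing how the components listed above can be inspected on the Azure AD Connect server with the ADSync module that ships with it. It assumes you run it on that server with local administrative rights; the connector name `contoso.local` and the distinguished name of the traced user are placeholders for your own environment. The `IsStandardRule` and `ConnectedMVObjectId` properties are used as documented by the ADSync module, so verify them against your installed version if a property comes back empty.

```powershell
# Added example: walk the AAD Connect sync engine components from PowerShell.
# Assumes execution on the Azure AD Connect server (ADSync module present).
Import-Module ADSync

# Connectors: one per connected directory (on-premises AD forest, Azure AD tenant).
# Each connector owns its own connector space, the staging area for imported objects.
Write-Host "== Connectors =="
Get-ADSyncConnector | Select-Object Name, ConnectorTypeName, Identifier | Format-Table -AutoSize

# Sync rules: inbound rules move attributes connector space -> metaverse,
# outbound rules move metaverse -> connector space. Lower precedence wins.
Write-Host "== Sync rules (sorted by direction and precedence) =="
$rules = Get-ADSyncRule
$rules | Sort-Object Direction, Precedence |
    Format-Table Name, Direction, Precedence, SourceObjectType, TargetObjectType, Disabled -AutoSize

# Defender's check: built-in rules are flagged as standard rules; anything else was
# created locally and should be reviewed and matched to a change record.
$customRules = $rules | Where-Object { -not $_.IsStandardRule }
if ($customRules) {
    Write-Warning ("{0} custom (non-standard) sync rule(s) found:" -f $customRules.Count)
    $customRules | Select-Object Name, Direction, Precedence, Connector | Format-Table -AutoSize
} else {
    Write-Host "No custom sync rules present."
}

# Trace a single object through the engine: connector-space object first, then the
# metaverse object it is joined to. Placeholder values; replace with your own.
$connectorName = 'contoso.local'                                  # assumed placeholder
$userDn = 'CN=Jane Doe,OU=Users,DC=contoso,DC=local'              # assumed placeholder
$csObject = Get-ADSyncCSObject -ConnectorName $connectorName -DistinguishedName $userDn
if ($csObject -and $csObject.ConnectedMVObjectId) {
    Write-Host "== Metaverse object for $userDn =="
    Get-ADSyncMVObject -Identifier $csObject.ConnectedMVObjectId |
        Select-Object ObjectId, ObjectType, Lineage | Format-List
} else {
    Write-Host "Object is not in the connector space or is not joined to the metaverse (disconnector)."
}

# Scheduler: shows whether import/export cycles run automatically and when the next one is due.
Write-Host "== Scheduler =="
Get-ADSyncScheduler |
    Select-Object SyncCycleEnabled, StagingModeEnabled, CurrentlyEffectiveSyncCycleInterval,
                  NextSyncCyclePolicyType, NextSyncCycleStartTimeInUTC | Format-List
```

Running this read-only script periodically and diffing its output (especially the sync rule list) gives a simple baseline for the sync engine's configuration; a delta cycle can then be triggered deliberately with `Start-ADSyncSyncCycle -PolicyType Delta` once a change has been reviewed.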