Hello All,
Welcome back to the series exploring the Azure Active Directory Connect tool.
In this Part 4, we are going to look at the service accounts used by the Azure Active Directory Connect tool.
There are three service accounts mainly used by the Azure Active Directory Connect tool:
- ADDS Connector Account (Active Directory Domain Services Connector Account)
- ADSync Service Account
- Azure AD Connector Account
ADDS Connector Account: This account is usually created when you install the AAD Connect tool via the express setup installation method. It is widely used with Active Directory to sync objects.
This account has a prefix like MSOL_SomeRandomNumber.
ADSync Service Account: This account is further categorised into three account types: virtual service account, group managed service account and user account.
Virtual service account: It has no password and is managed by Windows Server - Microsoft Azure AD Sync.
It is used in scenarios where AAD Connect and SQL Server are installed on the same server.
If SQL Server is installed on a remote server, it is recommended to use a Group Managed Service Account.
This account is usually used when you choose the custom installation of the AAD Connect tool.
User account: It is a local account created by the AD Connect wizard and used by the sync service to run the sync process. It has a prefix of AAD_SomeRandomNumbers.
This account is set with a long password that never expires.
Azure AD Connector Account
This account is used by the AAD Connect tool to write tree information from AD to Azure AD.
The account name contains the name of the server on which the AAD Connect tool is installed.
It has a long password that is set to never expire.
This account has been granted permission to sync objects from AD to AAD.
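
To review the on-premises accounts described above, the following PowerShell inventory is an added example, not part of the original post. It assumes it is run on the AAD Connect server, that the RSAT ActiveDirectory module is installed, and that the sync service is registered under the name `ADSync`; the helper `Get-SyncServiceAccountType` is a hypothetical name. The Azure AD Connector Account lives in Azure AD and is not covered here.

```powershell
# Added example: inventory the on-premises AAD Connect service accounts.
# Assumptions: run on the AAD Connect server, ActiveDirectory module present,
# sync service registered as 'ADSync'.
Import-Module ActiveDirectory

# Hypothetical helper: map a service logon name to the three ADSync
# service account types listed in the article.
function Get-SyncServiceAccountType {
    param([Parameter(Mandatory)][string]$LogonName)
    switch -Regex ($LogonName) {
        '^NT SERVICE\\' { 'Virtual service account'; break }
        '\$$'           { 'Group managed service account'; break }
        '(^|\\)AAD_'    { 'User account (AAD_ prefix)'; break }
        default         { 'Unrecognised' }
    }
}

# 1. ADSync Service Account: which identity does the sync service run as?
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='ADSync'"
if ($svc) {
    [pscustomobject]@{
        Service = $svc.Name
        RunsAs  = $svc.StartName
        Type    = Get-SyncServiceAccountType -LogonName $svc.StartName
    } | Format-List
} else {
    Write-Warning "No service named 'ADSync' found on this machine."
}

# 2. ADDS Connector Account(s): domain accounts with the MSOL_ prefix.
#    PasswordNeverExpires and PasswordLastSet show how old the credential is.
Get-ADUser -Filter "SamAccountName -like 'MSOL_*'" `
           -Properties PasswordNeverExpires, PasswordLastSet, whenCreated |
    Select-Object SamAccountName, Enabled, PasswordNeverExpires,
                  PasswordLastSet, whenCreated |
    Format-List

# 3. Local sync user account(s): local accounts with the AAD_ prefix.
#    An empty PasswordExpires value means the password never expires.
Get-LocalUser -Name 'AAD_*' -ErrorAction SilentlyContinue |
    Select-Object Name, Enabled, PasswordExpires, PasswordLastSet |
    Format-List
```

More than one MSOL_ or AAD_ account in the output usually points to leftovers from an earlier installation that are worth reviewing.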