Azure AD Connect - Part 2 - Architectures and Components

 Hello Everyone,

Welcome back to Part 2 of the series on the Azure AD Connect (AAD Connect) tool. In the last part we covered what Azure Active Directory Connect is and what its benefits are.

In this part, we are going to cover the topics below in detail:

  • Architectural view of AAD Connect
  • What the sync engine is
  • Components of the sync engine
  • How the sync engine works

The part of the AAD Connect tool that actually moves objects from on-prem Active Directory to M365 / Azure AD is called the sync engine. The sync engine is built from a handful of components, which are often just called the AAD Connect components.

There are four components:

1. Connected Data source or Connected Directory

2. Connectors

3. Connector Space

4. MetaVerse

Between them, these four components do all the work of a sync cycle for any object that travels from on-prem AD to M365 / Azure AD.

Using the picture above, I will explain how a sync cycle works with the help of these components and the sync rules.

1st Component : Connected Data Source or Connected Directory - CD
A connected data source (also called a connected directory) is any directory that the sync engine connects to and syncs with. For AAD Connect that means your on-prem Active Directory forest(s) on one side and your Azure AD tenant on the other. Each keeps its own objects in its own store; the sync engine reads from them and writes to them, it does not replace them.

2nd Component : Connectors - Each connected data source has its own dedicated connector. A connector is the medium through which data flows from the connected data source into its connector space (import) and from the connector space back out to the connected data source (export). Any single run step moves data in one direction only, so a change going from AD to AAD and a change coming back from AAD to AD are carried by separate steps [one-way per step].

3rd Component : Connector Space - CS - Each connector has its own connector space: a staging area inside the sync engine's database that holds a copy of the objects (and only the attributes that are in scope) read from that connected data source, plus the changes that are waiting to be exported back to it.

For example: two users exist in on-prem AD. During the sync cycle the connector space stores copies of these two objects and their attributes. If anything is changed on these users in on-prem AD, the next import updates the copies in the CS as well. And if we add a new user in on-prem AD, the connector space picks up the new user, along with its attributes, during the next sync cycle.


4th Component:  Metaverse [MV]: This is the storage area that provides a single, global view of the objects across all connector spaces. An object from the AD connector space and its counterpart in the Azure AD connector space are joined to one metaverse object, so the MV shows what has changed in AD and what is going to be exported to AAD.
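To make the four components concrete, here is an added PowerShell example (mine, not from the original article) that follows a single on-prem user from the connected directory into the AD connector space and on to its metaverse object, using the ADSync module that ships with Azure AD Connect. The connector name, the user DN, and the `IsConnector`, `ConnectedMVObjectId`, `Attributes` and `Lineage` property names are my assumptions about the ADSync object model; confirm them with `Get-ADSyncConnector` and `Get-Member` on your own server before relying on them.

```powershell
# Added example (not from the original article): follow one on-prem user through
# connected directory -> connector space -> metaverse with the ADSync module.
# Run in an elevated PowerShell session on the Azure AD Connect server.
# Connector name and user DN below are assumptions; list yours with Get-ADSyncConnector.
Import-Module ADSync

$adConnectorName = 'contoso.local'                                 # assumed: on-prem AD connector name
$userDn          = 'CN=Alice Smith,OU=Users,DC=contoso,DC=local'   # assumed: DN of a synced user

# Connected data sources: one connector per connected directory (AD forest, Azure AD tenant)
Get-ADSyncConnector |
    Select-Object Name, Identifier, ConnectorTypeName |
    Format-Table -AutoSize

# Connector space (AD side): the staged copy of the user as read during Import AD
$adCs = Get-ADSyncCSObject -ConnectorName $adConnectorName -DistinguishedName $userDn
if (-not $adCs) {
    throw "No connector space object for $userDn - not imported yet, or filtered out (OU/attribute filtering)."
}
"AD connector space object: {0} ({1})" -f $adCs.DistinguishedName, $adCs.ObjectType

# Only in-scope attributes are staged; this is the set the sync rules are allowed to flow onward
$adCs.Attributes | Format-Table -AutoSize

# Metaverse: a CS object that has been joined or projected into the MV is a "connector"
# and carries the ID of its metaverse object (property names assumed, see lead-in)
if (-not $adCs.IsConnector) {
    "Object is a disconnector: it sits in the CS but no sync rule has joined it to the metaverse."
    return
}
$mv = Get-ADSyncMVObject -Identifier $adCs.ConnectedMVObjectId
"Metaverse object: {0} ({1})" -f $mv.ObjectId, $mv.ObjectType
$mv.Attributes | Format-Table -AutoSize

# Lineage lists the sync rules that joined this object and flowed its attributes
# (the In from AD / Out to AAD rules). A rule name you do not recognise here is worth investigating.
$adCs.Lineage | Format-Table -AutoSize
```

Two things a practitioner should take away from running this: the connector space contains only the attributes that are in scope, so if an attribute is missing in the CS it was never read and no sync rule can flow it; and the same cmdlets that let you audit the staging areas expose every staged attribute, which is one more reason the AAD Connect server and anyone who can run the ADSync module on it have to be treated as Tier 0.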

Now let's understand, in a simple and not too detailed way, what happens in the back end when we run a delta or an initial sync cycle. A delta cycle processes only the changes since the last run; an initial (full) cycle re-reads and re-evaluates every object in scope.
When we initiate a sync cycle, either delta or initial, these are the steps:
1st cycle: the sync engine runs Import AD. During this step any changes made to AD objects are picked up by the sync engine and staged in the AD connector space.

Example: a new user account is created in AD. During the import step the user object is read from AD and written to the AD connector space.

2nd cycle: Import AAD. During this step any changes made in Azure AD are imported into the Azure AD connector space.
Example: attributes that Azure AD Connect writes back to on-prem AD, such as group writeback or the Exchange hybrid writeback attributes, start their journey here. (Password writeback is not part of this cycle: self-service password reset pushes the new password to on-prem AD in near real time over a separate channel, not through the import/export run steps.)
3rd cycle : Synchronisation Active Directory ; During this step the changes staged in the AD connector space are processed through the inbound sync rules (In from AD) into the Metaverse, and the outbound rules (Out to AAD) then work out what the Azure AD connector space needs to change and stage those changes there as pending exports.
4th cycle : Synchronisation Azure Active Directory : The same for the other direction. Changes staged in the Azure AD connector space flow through the inbound rules (In from AAD) into the Metaverse, and the outbound rules (Out to AD) stage any resulting writeback changes in the AD connector space.
5th cycle - Export AAD : during this step the pending changes in the Azure AD connector space are written to Azure AD.
6th cycle : Export AD : during this step the pending changes in the AD connector space, i.e. what was picked up by the import from AAD, are written to on-prem AD.

Sync rules come in two directions, inbound and outbound, and the two rule sets that carry the normal AD-to-AAD flow are

1. In from AD
2. Out to AAD

In from AD : the inbound rules that take object changes from the AD connector space into the Metaverse.
Out to AAD : the outbound rules that take the result from the Metaverse into the Azure AD connector space, ready for export to AAD.
Their counterparts, In from AAD and Out to AD, handle the writeback direction. Inbound rules run during the synchronisation step of the connector that owns the connector space; outbound rules run in that same step but target the other connector space.
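The six run steps above, and the inbound/outbound rule sets they evaluate, can be driven by hand from PowerShell. This added example (mine, not from the original article) lists the sync rules by direction and then runs one delta cycle step by step in exactly the order described, with the built-in scheduler paused so the manual steps cannot collide with a scheduled cycle. The connector names are assumptions, and the property names returned by `Get-ADSyncConnectorStatistics` are what I understand them to be; check both on your server.

```powershell
# Added example (not from the original article): one delta sync cycle, run step by step.
# Run in an elevated PowerShell session on the Azure AD Connect server.
# Connector names below are assumptions; list yours with Get-ADSyncConnector.
Import-Module ADSync

$adConnectorName  = 'contoso.local'                  # assumed: on-prem AD connector name
$aadConnectorName = 'contoso.onmicrosoft.com - AAD'  # assumed: Azure AD connector name

# Sync rules, grouped by direction: inbound (In from AD / In from AAD) feed the metaverse,
# outbound (Out to AAD / Out to AD) feed the other connector space.
Get-ADSyncRule |
    Sort-Object Direction, Precedence |
    Select-Object Direction, Precedence, Name, Disabled |
    Format-Table -AutoSize
# Microsoft's default rules sit at precedence 100 and above; custom rules are meant to go below 100.
# A rule below 100 that nobody on your team created is a tampering signal, not a curiosity.

# Pause the scheduler and remember its state so we can restore it afterwards
$scheduler = Get-ADSyncScheduler
Set-ADSyncScheduler -SyncCycleEnabled $false

try {
    # Get-ADSyncConnectorRunStatus returns nothing while the engine is idle
    while (Get-ADSyncConnectorRunStatus) {
        "A run is still in progress, waiting..."
        Start-Sleep -Seconds 10
    }

    # The six steps, in the order the article lists them.
    # For an initial cycle use 'Full Import' and 'Full Synchronization' instead of the delta profiles.
    $steps = @(
        @{ Connector = $adConnectorName;  Profile = 'Delta Import' },          # 1. Import AD
        @{ Connector = $aadConnectorName; Profile = 'Delta Import' },          # 2. Import AAD
        @{ Connector = $adConnectorName;  Profile = 'Delta Synchronization' }, # 3. Sync AD
        @{ Connector = $aadConnectorName; Profile = 'Delta Synchronization' }, # 4. Sync AAD
        @{ Connector = $aadConnectorName; Profile = 'Export' },                # 5. Export AAD
        @{ Connector = $adConnectorName;  Profile = 'Export' }                 # 6. Export AD
    )

    foreach ($step in $steps) {
        "==> {0} on {1}" -f $step.Profile, $step.Connector
        Invoke-ADSyncRunProfile -ConnectorName $step.Connector -RunProfileName $step.Profile

        # After the two synchronisation steps the pending exports appear in the connector
        # statistics and are consumed by the export steps (property names assumed, see lead-in)
        Get-ADSyncConnectorStatistics -ConnectorName $step.Connector |
            Select-Object ExportAdds, ExportUpdates, ExportDeletes |
            Format-Table -AutoSize
    }
}
finally {
    # Restore the scheduler to whatever it was before, even if a step failed
    Set-ADSyncScheduler -SyncCycleEnabled $scheduler.SyncCycleEnabled
}
```

In day-to-day operation you would not run the steps individually; `Start-ADSyncSyncCycle -PolicyType Delta` (or `-PolicyType Initial`) kicks off the whole cycle, and the scheduler does the same on its own interval. Running the steps by hand is useful when you want to inspect the connector space between a synchronisation step and its export, which is the moment to catch an object or attribute that a sync rule is about to push to Azure AD and that you did not expect.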

I hope you enjoy this article  and Happy reading 📗 
