Introduction to Azure AD Connect
Azure AD Connect
Azure AD Connect is the tool you install on your on-premise server to integrate your on-premises directories with Azure AD. In addition to directory synchronization, Azure AD Connect provides a wizard-driven experience with two modes Express or Customized for configuring your Azure AD authentication settings and other features.
Filtering is used when you want to limit which objects are synchronized to Azure AD. By default all users, contacts, groups, and Windows 10 computers are synchronized. You can change the filtering based on domains, OUs, or attributes.
Password hash synchronization synchronizes the password hash in Active Directory to Azure AD. The end-user can use the same password on-premises and in the cloud but only manage it in one location. Since it uses your on-premises Active Directory as the authority, you can also use your own password policy.
Password writeback will allow your users to change and reset their passwords in the cloud and have your on-premises password policy applied.
Device writeback will allow a device registered in Azure AD to be written back to on-premises Active Directory so it can be used for conditional access.
The prevent accidental deletes feature is turned on by default and protects your cloud directory from numerous deletes at the same time. By default it allows 500 deletes per run. You can change this setting depending on your organization size.
Automatic upgrade is enabled by default for express settings installations and ensures your Azure AD Connect is always up to date with the latest release.