Microsoft Entra Connect – the wizard installation is easy, so why do I need training?

[Updated February 2024]

Microsoft Entra Connect has been implemented in 250,000+ organizations worldwide, but few people are aware of its full range of capabilities or potential pitfalls. And that’s why we developed our 5-star rated Microsoft Entra Connect Masterclass.

Launched in late 2018, our Azure AD Connect Masterclass (now Microsoft Entra Connect) is the only comprehensive, structured training course for this powerful and complex technology.

Going far beyond the wizard installation, it covers Microsoft Entra Connect in its entirety, including best practices, dos and don’ts, and optimal configuration. It also offers authoritative, structured, and time-saving learning materials, including dozens of step-by-step lab exercises.

But, if you’re wondering whether you need training on Microsoft Entra Connect, here are answers to some questions we’re sometimes asked…

Question: We’ve already installed Microsoft Entra Connect via the wizard. What more is there to know?

Answer: The express installation only covers the simplest of scenarios. Most organizations need a custom installation, which opens up a plethora of possibilities, and an optimal installation requires additional knowledge and understanding.

Also, the wizard doesn’t cover high availability, customizing rules for your particular environment, upgrading (except in the simplest configuration), and other useful scenarios such as merging groups from different AD forests.

Question: Microsoft has produced a lot of documentation that’s free. Can’t I learn what I need to know from this?

Answer: A lot of excellent documentation is available but it. is inconsistent in style and format, and it is not structured for learning. There are also significant gaps and even contradictions!

The Masterclass goes into great detail about Azure AD Connect (now Microsoft Entra Connect), and this information is not found anywhere in the Microsoft documentation that I have seen so far. Hailemichael, Programmer/Analyst, US

Our Microsoft Entra Connect Masterclass is comprehensive, structured, and authoritative, bringing together information from multiple sources, augmented with our own experience of real implementations. They include tried and tested materials, and step-by-step labs/demonstrations that show all the key aspects and capabilities of the product.

Question: What’s the difference between MIM and Microsoft Entra Connect, and do we need to implement both?

Answer: MIM is excellent at synchronizing authoritative sources of data (e.g. HR or student registration systems) with primarily on-premises target systems such as line of business applications, ERM systems, LDAP directories, email systems, and, of course, Active Directory.

Microsoft Entra Connect does a very specific job: to synchronize multi-forest AD environments with a Microsoft Entra ID tenant. Therefore, although there may be some overlap with MIM in principle, in practice they are each optimized for the job that they do, and they are designed to work together harmoniously.

Question: Can’t we use MIM to synchronize users and groups with Azure AD (now Microsoft Entra ID)?

Answer: Using MIM to synchronize users and groups with Microsoft Entra ID is not supported by Microsoft, and is not recommended. Microsoft Entra Connect is continually developed to keep up to date with changes to AD and Microsoft Entra ID, so you know that it’s always going to be up to date, and always going to be supported by Microsoft. Why reinvent the wheel?

Question: Surely all I need is to take all the users and groups I have on-premises and replicate them in the cloud. What else is there to do?

Answer: This misses a golden opportunity. In a mature, and inevitably complex, multi-forest environment, individuals will be represented more than once and as different object types (for example enabled and/or disabled users, contacts, and foreign security principals). Microsoft Entra Connect is designed to consolidate these different representations to create a single user in the cloud with all of their group memberships intact.

It is also possible to consolidate different representations of the same group across forests (assuming that they can be accurately identified), but only if you understand the wizard-based configuration options plus the necessary post-wizard tweaks.

If you want a comprehensive deep-dive into this powerful technology, you need our Microsoft Entra Connect Masterclass

Different ways you can take our Microsoft Entra Connect Masterclass:

  • Join an instructor-led public course (via Teams)
  • Arrange a private course for your team (on-premises or via Teams)