Azure AD Connect – the wizard installation is easy, so why do I need training?

Azure AD Connect has been implemented in 250,000+ organizations worldwide, but few people are aware of its full range of capabilities or potential pitfalls. And that’s why we developed our 5-star rated Azure AD Connect Masterclass and our new Azure AD Connect video training series.

Launched in late 2018, our Azure AD Connect Masterclass is the only comprehensive, structured training course for this powerful and complex technology. Going far beyond the wizard installation, it covers Azure AD Connect in its entirety, including best practices, dos and don’ts, and optimal configuration. It also offers authoritative, structured and time-saving learning materials, including dozens of step-by-step lab exercises.

Our Masterclass has proved itself as an instructor-led training course, and as an online/on-demand course (see reviews from students). But sometimes IT pros want instant access to information that relates to a task in hand, plus demonstrations to illustrate exactly what needs to be done and what to avoid.

So that’s why we have launched our new Azure AD Connect video training series. It offers 7 highly practical, on-demand courses – packed with demonstrations of live environments – which will equip you with the in-depth knowledge you need about key topics, exactly when you need it.

But, if you’re wondering whether you need training on Azure AD Connect, here are answers to some questions we’re sometimes asked…

Question: We’ve already installed Azure AD Connect via the wizard. What more is there to know?

Answer: The express installation only covers the simplest of scenarios. Most organizations need a custom install, which opens up a plethora of possibilities, and an optimal installation requires additional knowledge and understanding.

Also, the wizard doesn’t cover high availability, customising rules for your particular environment, upgrading (except in the simplest configuration), and other useful scenarios such as merging groups from different AD forests.

Question: Microsoft has produced a lot of documentation that’s free. Can’t I learn what I need to know from this?

Answer: A lot of excellent documentation is available, but it is inconsistent in style and format, and it is not structured for learning. There are also significant gaps, and even contradictions!

“The Masterclass goes into great detail about Azure AD Connect, and this information is not found anywhere in the Microsoft documentation that I have seen so far.” – Hailemichael, Programmer/Analyst, US

Our Azure AD Connect Masterclass, and our new video training series, are comprehensive, structured and authoritative, bringing together information from multiple sources, augmented with our own experience of real implementations. They include tried and tested materials, and step-by-step labs/demonstrations that show all the key aspects and capabilities of the product.

Question: What’s the difference between MIM and AAD Connect, and do we need to implement both?

Answer: MIM is excellent at synchronizing authoritative sources of data (e.g. HR or student registration systems) with primarily on-premises target systems such as line of business applications, ERM systems, LDAP directories, email systems and, of course, Active Directory.

Azure AD Connect does a very specific job: to synchronize multi-forest AD environments with an Azure AD tenant. Therefore, although there may be some overlap with MIM in principle, in practice they are each optimized for the job that they do, and they are designed to work together harmoniously.

Question: Can’t we use MIM to synchronize users and groups with Azure AD?

Answer: Using MIM to synchronize users and groups with Azure AD is not supported by Microsoft, and is not recommended. Azure AD Connect is continually developed to keep up to date with changes to AD and Azure AD, so you know that it’s always going to be up to date, and always going to be supported by Microsoft. Why re-invent the wheel?

Question: Surely all I need is to take all the users and groups I have on premises and replicate them in the cloud. What else is there to do?

Answer: This misses a golden opportunity. In a mature, and inevitably complex, multi-forest environment, individuals will be represented more than once and as different object types (for example enabled and/or disabled users, contacts, and foreign security principals). Azure AD Connect is designed to consolidate these different representations to create a single user in the cloud with all of their group memberships intact.

It is also possible to consolidate different representations of the same group across forests (assuming that they can be accurately identified), but only if you understand the wizard-based configuration options plus the necessary post-wizard tweaks.

