Why Multi-Cloud

Synchronization of Identity Data

Hosting Controller’s AD Connect Sync is a synchronization tool between two or more Active Directories. The source is a Microsoft Active Directory and the destination is usually a Microsoft Active Directory as well but can be any LDAP compliant Active Directory.

A common requirement for companies with an established on-premises Active Directory environment, is to have the existing on-premises users and groups linked in some way to a hosted or Cloud Active Directory. Likewise it's essential for large organizations providing Hosted Exchange and housing Active Directory infrastructures, to keep their internal and external Active Directories linked. HC Active Directory Synchronization tool is the smartest answer to all your sync needs.

Download

Active Directory to Cloud IAM Synchronization

Various IAM Targets

Enable an organization to setup automatic synchronization between on-premises AD and one or more public IAM systems including:

  • check_circle Amazon AWS
  • check_circle Microsoft 365
  • check_circle Microsoft Azure
  • check_circle Google Cloud Platform
  • check_circle Any Other Cloud Hosted Active Directory
  • Synchronize identities, group membership and passwords to various IAM targets with ease.

    Not Standard AD Replication

    Used to synchronize Active Directory data where normal Active Directory replication cannot be used for any reason.

    Useful Active Directory Connector

    No need to manage users in two places when it can be done in one.

    Synchronize Passwords

    Synchronize Passwords

    Keep your Active Directory passwords synchronized across your internal and external Active Directories. Make it easier for administrators to replicate and track password changes across Active Directories.

    Synchronize Identities

    Synchronize Identities

    Perform one-way synchronization of identity data (users, groups) between an on-premises Active Directory and your hosted Active Directory. Manage account changes across multiple systems.

    Synchronize Groups

    Synchronize Groups

    Reflect group changes made in an on-premises Active Directory to the hosted environment in real-time. Provide a complete and efficient identity management solution to your business.

    Basics of Multi-Cloud Synchronizations

    The bulk of security still revolves around having users, identified by their passwords, having access to resources through a role based security or group policy. Organizations have spent years maturing their Active Directory infrastructures and process.

    As an organization onboards yet another public cloud, it comes with its own set of IAM (Identity and Access Management) paradigm. While configuring security and group policies is an allied and most important task of onboarding another cloud platform, the regular assignment and revocation of those policies to users quickly becomes an operations nightmare if not automated.

    Hosting Controller is a unified cloud management tool (also called control panel) and includes support for multi-cloud deployment in different ways.

    But all those features share a way to synchronize changes between local master Active Directory environments and public cloud IAMs. It synchronizes:

    User Accounts

    User Accounts

    As a user is created in the master Active Directory, its replicated across multiple public cloud IAMs.

    Passwords

    Passwords

    Passwords are changed in the master Active Directory only through whatever security means are already in place for the organization. As soon as the password is changed in the master AD, it is automatically synchronized into multiple targets.

    Group Memberships

    Group Memberships

    As a user is assigned or revoked a group membership, it is synchronized in the IAM.

    Steps to Onboard a New Public Cloud

    Steps to Onboard a New Public Cloud

    Supported Deployment Topologies

    As your organization evolves and finds its optimum mix of on-prem and cloud based services, AD Connect Sync tool is there to support any and all Identity management topologies.

    One-to-One

    One Source - One Destination
    Typical Use Case: On-Prem to Cloud

    One-to-Many

    One Source - Multiple Destinations
    Typical Use Cases: Distributed Applications

    Many-to-One

    Multiple Sources - One Destination
    Typical Use Case: Cloud Service Provider

    Highlight Features

    No trust relationship required

    No trust relationship is needed between the source and the destination

    Administrator full control

    Admins can choose just what they want to copy down to a single user, group or contact

    Real time synchronization

    Passwords are also copied in real-time and synchronized automatically

    LDAP compliant Active Directory

    Destination can be any LDAP compliant Active Directory

    Copying rules

    Copying rules enable rule based changes to data as it is being copied

    Use Cases

    The business scenarios and rationale for using AD Connect Sync.

    Easy Monitoring

    It is important that you maintain a healthy synchronization between your local and Cloud Active Directories. Quickly spotting and diagnosing anomalies is the key to success. AD Connect Sync is accompanied by a robust monitoring tool, which not only identifies any bottle necks in the whole process but also makes available visual representations in the form of daily and weekly stats and reports.

    • Monitor multiple sync machines across different Domain Controllers, through a single interface.
    • Generate necessary alerts, if communication breaks either from the local AD or from the Cloud side.
    • Display system activation status.
    • Weekly and daily graphical representation of synchronized data.
    • Display number of sync objects in an organization.
    • Live view from different AD machines.
    • Advanced search filter to view successful/failed events.


    Why HC ADSync?

    There are plenty of good reasons to use HC ADSync for synchronizing your on-premises identities with those in the Cloud. The most important ones are:

    AD Sync implementation

    Implementation

    HC ADSync is far easier to implement than other more complex options. Installing and configuring HC ADSync simply involves a few one-time configuration steps. HC ADSync is a simple service which requires an installation over the primary (or additional) domain controllers. Once installed, AD objects can be selected to initiate the sync process between the ADs.

    AD Sync complexity

    Complexity

    HC ADSync does not require a two-way trust relationship to be established between domains neither does it demand the added complication of deploying an ADFS infrastructure. No additional servers, SSL certificates or DNS entries are required.

    AD Sync cost

    Cost

    Costs can be cut into half or even more by deploying HC ADSync. There are no additional costs to consider above those of the licenses whereas other more expensive alternates like ADFS require additional server licensing, SSL certificates, hardware costs and/or virtual infrastructure resources and consultancy costs.

    Real-Time Synchronization Features

    Core features and functionality of AD Connect Sync.

    Synchronize Users

    Push newly provisioned users to the hosted/Cloud environment.

    Synchronize User Passwords

    Intercept changes to user passwords on the on-premises AD in real time and replicate to related user object on the hosted AD.

    Synchronize User Attributes

    Sync any changes to user attributes such as displayName, company, mobile etc.

    Synchronize Groups

    Push newly created Distribution and Security groups to the hosted/Cloud environment.

    Synchronize Group Attributes

    Sync group attributes to the hosted environment.

    Change Group Membership

    Reflect any membership changes to the Cloud environment.

    Synchronize Contacts

    Replicate new contacts seamlessly between on-premises and Cloud.

    Specify Sync Intervals

    Choose convenient time intervals for synchronization.

    Transfer Securely

    Send requests securely over LDAPs.

    Customize Attributes

    Enable or prevent selected few attributes of a user to be synchronized.

    Synchronize Required Users

    Choose required few users, groups and contacts from a specific organization (OU) to be synced.

    Synchronize Across Multiple Cloud DCs

    Synchronize a single local AD with multiple Cloud Domain Controllers.

    Benefits

    • Less complex alternative to Single Sign-On (SSO).
    • Does not require a two-way trust relationship to be established between domains.
    • A lightweight solution for synchronizing.

    Have Questions?