How to setup Azure AD Connect cloud sync to your Organization

Introducing Azure AD Connect Cloud Sync, a cutting-edge solution by Microsoft designed to cater to your hybrid identity needs for seamless synchronization of users, groups, and contacts to Azure AD. This innovative offering utilizes the Azure AD cloud provisioning agent, presenting a departure from the traditional Azure AD Connect application. 

Selecting the right sync client depends on your specific requirements and environment. Microsoft offers two primary sync clients for synchronizing on-premises Active Directory with Azure Active Directory: Azure AD Connect and Azure AD Connect Cloud Sync. Let's compare the two options using the Wizard to evaluate sync options.

	Cloud Sync (recommended) Solution for a multi-national org that wants to consolidate your identities or if you are building a cloud strategy to reduce your on-premises footprint.	Connect Sync On-premises solution that takes all the operations that are related to synchronize identity data between your on-premises environment and Azure AD.
Sync cycle	2 minutes	30 minutes
Connect to single and multiple on-premises AD forests	X	X
Connect to multiple on-premises AD forests	X	X
Connect to multiple disconnected on-premises AD forests	X
Lightweight agent installation model	X
Multiple active agents for high availability	X
Connect to LDAP directories		X
Synchronize Exchange Online attributes	X	X
Support for Password Hash Sync	X	X
Support for writeback (passwords, devices, groups)	X	X
Exchange hybrid writeback		X
On-demand provisioning	X	X

More Details: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/cloud-sync/what-is-cloud-sync 

Install Cloud Sync 

1. In the Azure portal, select Azure Active Directory.

2. On the left, select Azure AD Connect.

3. On the left, select Cloud sync.

4. On the left, select Agent.

5. Select Download on-premises agent, and select Accept terms & download.

6. Once the Azure AD Connect Provisioning Agent Package has completed downloading, run the AADConnectProvisioningAgentSetup.exe installation file from your downloads folder.

7. On the splash screen, select I agree to the license and conditions, and then select Install.

8. Once the installation operation completes, the configuration wizard will launch. Select Next to start the configuration.

9. On the Select Extension screen, select HR-driven provisioning (Workday and SuccessFactors) / Azure AD Connect Cloud Sync and click Next.

Read more on Provisioning

10. Sign in with your Azure AD global administrator account.

11. On the Configure Service Account screen, select a group Managed Service Account (gMSA). This account is used to run the agent service.

12. Select the Onprem details

13. On the Configuration complete screen, select Confirm and exit.

Verify the agent installation

To verify that the agent is being registered by Azure AD, follow these steps:

• Sign in to the Azure portal.
• Select Azure Active Directory.
• Select Azure AD Connect, and then select Cloud sync.
• Select Agent

Configuration for Cloud Sync

To configure Cloud Sync, follow these steps:

• Sign in to the Azure portal.
• Select Azure Active Directory.
• Select Azure AD Connect, and then select Cloud sync.
• Select Configuration and click New Configuration

• Select the active directory domain you like to sync and Click next

• Click Review and enable, then Select Enable Configuration. 

You can verify by going to overview page

Scope Filtering by OU & Security Group

By default Scope filtering is set to All users. Select the preferred option.