4. October 2014 21:58
By
Peter Selch Dahl
In
The following charts provide a comparison of the features that each of the three tools currently supports for synchronizing your directory with Azure Active Directory. You can use these charts to help determine which tool is the correct one to use for your situation.
Important |
CS = Coming Soon! |
On-Premises to Cloud Synchronization
Feature
|
Azure Active Directory Synchronization Tool (DirSync)
|
Azure Active Directory Synchronization Services (AAD Sync)
|
Forefront Identity Manager 2010 R2 (FIM)
|
Connect to single on-premises AD forest
|
X
|
X
|
X
|
Connect to multiple on-premises AD forests
|
|
X
|
X
|
Connect to single on-premises LDAP directory (no AD at all)
|
|
CS
|
X
|
Connect to multiple on-premises LDAP directories
|
|
CS
|
X
|
Connect to on-premises AD and on-premises LDAP directories
|
|
CS
|
X
|
Connect to custom systems (i.e. SQL, Oracle, MySQL, etc.).
|
|
CS
|
X
|
Synchronize customer defined attributes (directory extensions)
|
CS
|
CS
|
|
Cloud to On-Premises Synchronization
Feature
|
Azure Active Directory Synchronization Tool (DirSync)
|
Azure Active Directory Synchronization Services (AAD Sync)
|
Forefront Identity Manager 2010 R2 (FIM)
|
Write-back of devices
|
X
|
CS
|
|
Attribute write back (for Exchange hybrid deployment )
|
X
|
X
|
X
|
Write-back of users, groups objects
|
CS
|
CS
|
|
Write-back of passwords (from SSPR and password change)
|
CS
|
CS
|
|
Write-back of customer defined attributes (directory extensions)
|
CS
|
CS
|
|
Authentication Feature Support
Feature
|
Azure Active Directory Synchronization Tool (DirSync)
|
Azure Active Directory Synchronization Services (AAD Sync)
|
Forefront Identity Manager 2010 R2 (FIM)
|
Password Hash Sync for single on-premises AD forest
|
X
|
CS
|
|
Password Hash Sync for multiple on-premises AD forests
|
|
CS
|
|
Federation (SSO)
|
X
|
X
|
X
|
Set-up and Installation
Feature
|
Azure Active Directory Synchronization Tool (DirSync)
|
Azure Active Directory Synchronization Services (AAD Sync)
|
Forefront Identity Manager 2010 R2 (FIM)
|
Supports installation on a Domain Controller
|
X
|
X
|
|
Supports installation using SQL Express
|
X
|
X
|
|
Step-up from DirSync to AADSync
|
|
|
|
Localization Windows Server languages)
|
X
|
CS
|
|
Support for Windows Server 2008 and Windows Server 2008 R2
|
X
|
X
|
X
|
Support for Windows Server 2012 and Windows Server 2012 R2
|
X
|
X
|
|
Filtering and Configuration
Feature
|
Azure Active Directory Synchronization Tool (DirSync)
|
Azure Active Directory Synchronization Services (AAD Sync)
|
Forefront Identity Manager 2010 R2 (FIM)
|
Filter on Domains and Organizational Units
|
X
|
X
|
X
|
Filter on attribute values on objects
|
X
|
X
|
X
|
Allow minimal set of attributes to be synchronized "MinSync"
|
|
X
|
|
Allow different service templates to be applied for attribute flows
|
|
X
|
|
Allow removing attributes from flowing from AD to AAD
|
|
X
|
|
Allow advanced customization for attribute flows
|
|
X
|
X
|
1f9c84b5-900d-4b9b-88fa-1152ae6fd004|0|.0|27604f05-86ad-47ef-9e05-950bb762570c
Tags: