
Samuel Arogbonlo

How To Setup Password Hash Synchronization In Microsoft Azure

Security Face In Cloud

Azure is quickly becoming one of the most efficient cloud providers in the space, and given that I am a DevOps engineer, I have gotten to explore different cloud tools related to projects over the years, across different companies from FAANG to growing startups.

I have always held the idea that as long as IAM is sorted while dealing with the cloud, you can achieve awesome stuff. This piece will be on a simple IAM task via Hybrid Identity.

We are going to address how to synchronize an on-premises Active Directory (AD) with Microsoft Azure; this synchronization is called Hybrid Identity. Some organizations do not have an on-premises use case, deal solely with the cloud, and may not need hybrid identity. Another possible scenario is a team with an Office 365 setup alongside the on-premises setup, where users have separate login details for each. That is crazy, because as the client base increases it becomes difficult to maintain the list. This is where SSO and a single set of authentication details come in handy and make the job much easier.

NOTE: When you enter a password, it is not saved as plain text. It goes through a special algorithm, a hash process, and access is granted against the resulting unique string. We will synchronize passwords using the password hash synchronization method for easy access and control.
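
As an added illustration (not code from this post or from Microsoft), the example below follows the steps Microsoft's documentation describes for protecting a password hash before it is synchronized: the 16-byte MD4 hash held in Active Directory is expanded to 64 bytes, combined with a 10-byte per-user salt, and run through PBKDF2 with 1,000 iterations of HMAC-SHA256. The function names, the sample hash value, the upper-case hex and the little-endian UTF-16 encoding are assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 1000  # iteration count stated in Microsoft's description
SALT_LEN = 10             # per-user salt length in bytes
DERIVED_LEN = 32          # size of the HMAC-SHA256 based output


def expand_nt_hash(nt_hash):
    """Expand the 16-byte hash: 32-char hex string, then UTF-16 bytes (64 bytes)."""
    if len(nt_hash) != 16:
        raise ValueError("expected a 16-byte MD4 (NT) hash")
    # Assumption: upper-case hex digits and little-endian UTF-16.
    return nt_hash.hex().upper().encode("utf-16-le")


def protect_for_sync(nt_hash, salt=None):
    """Return (salt, derived); only these would leave the on-premises side."""
    salt = os.urandom(SALT_LEN) if salt is None else salt
    if len(salt) != SALT_LEN:
        raise ValueError("per-user salt must be 10 bytes")
    derived = hashlib.pbkdf2_hmac(
        "sha256", expand_nt_hash(nt_hash), salt, PBKDF2_ITERATIONS, DERIVED_LEN
    )
    return salt, derived


def matches(nt_hash, salt, derived):
    """Re-derive with the stored salt and compare in constant time."""
    _, candidate = protect_for_sync(nt_hash, salt)
    return hmac.compare_digest(candidate, derived)


if __name__ == "__main__":
    # Constructed 16-byte value standing in for a user's hash in AD.
    sample = bytes.fromhex("00112233445566778899aabbccddeeff")
    salt, derived = protect_for_sync(sample)
    print("salt   :", salt.hex())
    print("derived:", derived.hex())
    print("same hash verifies :", matches(sample, salt, derived))
    print("other hash verifies:", matches(bytes(16), salt, derived))
```

Neither the plain-text password nor the original 16-byte hash appears in the output; a different salt for the same user hash yields a different derived value.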

Prerequisites

  • Understand basic IAM concepts in Azure, and possibly Office 365.
  • Create an Azure tenant and verify IAM.
  • Connect a domain if necessary.
  • Have an Azure account.

Demo

  • Go to the AD portal via aad.portal.azure.com

  • Sync users and groups from the on-premises directory (AD) by selecting the required text.

  • Download Azure AD Connect and run the setup file, along with any framework it needs to have downloaded.

  • Set up the Azure AD Connect software with all required details, especially the domain service credentials.
  • Install the Azure AD Connect software.
  • You may encounter a configuration error. Don't panic: open a PowerShell terminal and run Set-ExecutionPolicy RemoteSigned

Then go back to the portal and see the reflected users, the major one being the administrator account.

Voila, you got it done!

The essence of authentication is to provide users with a set of credentials, such as a username and password, and to verify that they provide the correct credentials whenever they want access to the application. Hence, we need a way to store these credentials in our database for future comparisons. However, storing passwords on the server side for authentication is a difficult task.

Now, remember, this article is not only for experts in the software space; even newbies can hop in and learn a lot, and that is why I try to make everything clear in both layman's and professional terms. If you have any questions, shoot, or you can also reach out to me on GitHub.

Thanks for reading ❤️

Please leave a comment if you have any thoughts about the topic — I am open to learning and knowledge explorations.

I can imagine how helpful this post has been, do leave a clap 👏 below a few times to show your support for the author! Also, if you need a DevOps engineer for consulting and freelancing, I am the guy you are looking for; hire me, and let’s get that project done.
