后续步骤以及如何管理 Azure AD ConnectNext steps and how to manage Azure AD Connect

使用本文中介绍的操作流程,根据组织的需要和要求自定义 Azure Active Directory (Azure AD) Connect。Use the operational procedures in this article to customize Azure Active Directory (Azure AD) Connect to meet your organization's needs and requirements.

添加更多的同步管理员Add additional sync admins

默认情况下,只有执行安装的用户和本地管理员才能管理安装的同步引擎。By default, only the user who did the installation and local admins are able to manage the installed sync engine. 要使其他用户能够访问和管理同步引擎,请在本地服务器上找到名为 ADSyncAdmins 的组,并将这些用户添加到此组中。For additional people to be able to access and manage the sync engine, locate the group named ADSyncAdmins on the local server and add them to this group.

验证计划的同步任务Verify the scheduled synchronization task

使用 Azure 门户检查同步状态。Use the Azure portal to check the status of a synchronization.

验证计划的同步任务To verify the scheduled synchronization task

  1. 以管理员身份登录 Azure 门户。Sign in to the Azure portal as an admin.
  2. 在左侧选择“Active Directory”。On the left, select Active Directory.
  3. 在左侧选择“Azure AD Connect”On the left, select Azure AD Connect
  4. 在页面顶部,记下最后一次同步。At the top of the page, note the last synchronization.

目录同步时间

启动计划的同步任务Start a scheduled synchronization task

如果需要运行同步任务,可以通过以下方式执行此操作:If you need to run a synchronization task, you can do this by:

  1. 双击 Azure AD Connect 桌面快捷方式以启动向导。Double-click on the Azure AD Connect desktop shortcut to start the wizard.
  2. 单击 “配置”Click Configure.
  3. 在任务屏幕上,选择“自定义同步选项”,然后单击“下一步”。On the tasks screen, select the Customize synchronization options and click Next
  4. 输入 Azure AD 凭据Enter your Azure AD credentials
  5. 单击“下一步”。Click Next. 单击“下一步” 。Click Next. 单击“下一步”。Click Next.
  6. 在“已准备好进行配置”屏幕上,确保已选中“配置完成后启动同步过程”复选框。On the Ready to Configure screen, ensure that the Start the synchronization process when configuration completes box is selected.
  7. 单击 “配置”Click Configure.

有关 Azure AD Connect 同步计划程序的详细信息,请参阅 Azure AD Connect 计划程序For more information on the Azure AD Connect sync Scheduler, see Azure AD Connect Scheduler.

Azure AD Connect 中提供的其他任务Additional tasks available in Azure AD Connect

在完成 Azure AD Connect 的初始安装后,随时可以从 Azure AD Connect 启动页或桌面快捷方式再次启动向导。After your initial installation of Azure AD Connect, you can always start the wizard again from the Azure AD Connect start page or desktop shortcut. 在再次完成向导的过程中,会发现,它会以“其他任务”的形式提供一些新选项。You will notice that going through the wizard again provides some new options in the form of additional tasks.

下表提供了这些任务的摘要以及每个任务的简要描述。The following table provides a summary of these tasks and a brief description of each task.

其他任务列表

其他任务Additional task 说明Description
隐私设置Privacy Settings 查看正在与 Microsoft 共享的遥测数据。View what telemetry data is being shared with Microsoft.
查看当前配置View current configuration 查看当前的 Azure AD Connect 解决方案。View your current Azure AD Connect solution. 包括常规设置、同步的目录和同步设置等。This includes general settings, synchronized directories, and sync settings.
自定义同步选项Customize synchronization options 更改当前配置,例如在配置中添加其他 Active Directory 林,或启用同步选项(例如用户写回)。Change the current configuration like adding additional Active Directory forests to the configuration, or enabling sync options such as user write-back.
配置设备选项Configure device options 可用于同步的设备选项Device options available for synchronization
刷新目录架构Refresh directory schema 允许你为同步添加新的本地目录对象Allows you to add new on-premises directory objects for synchronization
配置暂存模式Configure Staging Mode 对未立即同步且未导出到 Azure AD 或本地 Active Directory 的信息进行暂存。Stage information that is not immediately synchronized and is not exported to Azure AD or on-premises Active Directory. 使用此功能可在同步前进行预览。With this feature, you can preview the synchronizations before they occur.
更改用户登录Change user sign-in 更改用户用来登录的身份验证方法Change the authentication method users are using to sign-in
管理联合身份验证服务Manage federation 管理 AD FS 基础结构,续订证书,以及添加 AD FS 服务器Manage your AD FS infrastructure, renew certificates, and add AD FS servers
故障排除Troubleshoot 有关排除 Azure AD Connect 问题的帮助信息Help with troubleshooting Azure AD Connect issues

后续步骤Next steps

了解有关将本地标识与 Azure Active Directory 集成的详细信息。Learn more about integrating your on-premises identities with Azure Active Directory.