The main component in a hybrid identity and access management solution is the connectivity between the on-premises Active Directory (AD)and the Azure Active Directory (AAD), including the related synchronization of objects and attributes. Microsoft tries to make the synchronization process straightforward without administrators needing to have the complete details of the system under the hood.

In this chapter, we'll discuss the essential identity-synchronization scenarios and tools for the successful implementation of a full hybrid identity life cycle management. We'll start with an overview of the Microsoft Identity Manager (MIM) and the Azure AD Connect tool, and then we can dive into the identity-synchronization scenarios. Afterward, we'll run through the different processes, the AD user account cleanup for a hybrid environment and all the crucial parts and steps of the identity synchronization in Azure AD Connect. The chapter will be rounded up with a lot of practical tips and use cases.

We'll cover the following essential topics:

• Technology overview
• Synchronization scenarios
• Synchronization terms and processes

In the first section, we start with the technology overview.