Microsoft recently announced the general availability of Azure AD Connect Health, a feature for monitoring the status of your synchronization or federation between on-premises Active Directory (AD) and the cloud-based Azure Active Directory (Azure AD).
Microsoft describes Azure AD Connect Health as a feature that:
… helps you monitor and gain insights into your on-premises identity infrastructure and the synchronization services
Azure AD is used by all of Microsoft’s enterprise cloud services, such as Azure and Office 365, to authenticate and authorize users — many people are unaware that they are using Azure AD’s free version when they deploy Office 365. We can synchronize identity and password hashes from the cloud to Azure AD to get single sign-on with Microsoft’s cloud services and with at least 2,800 third-party cloud services, too, including Microsoft competitors such as SAP, Google, and AWS. The means for enabling this are:
With single sign-on via Azure AD deployed, the health of these solutions becomes critical to the business; therefore, Microsoft created Azure AD Connect Health.
This Azure AD synchronization and federation health monitoring solution from Microsoft is a benefit that customers of Azure AD Premium can avail of.
There are two ways that you can connect your on-premises AD to Azure AD, and there are two ways two monitor the health of these connections.
Azure AD Connect Health for ADFS offers support for federated identity, based on ADFS 2.0 running on Windows Server 2008 R2, Windows Server 2012, or Windows Server 2012 R2. It also supports AD FS proxy or web application proxy servers for extranet services access. The features include:
Azure AD Connect Health for sync, which is built into Azure AD Connect (you must be on a current version), will be used by anyone using Azure AD Connect to synchronize identity to the cloud, sometimes referred to as shared sign-on; this solution offers the following features:
Not only can it monitor the health of your connection to Azure AD, but Microsoft also added a preview for monitoring on-premises domain health using Azure AD Connect Health for Active Directory Domain Services (ADDS), a critical element to the functionality of the total identity solution, supporting:
Between OMS, Azure AD Connect Health, Azure AD Connect Health for ADDS, and System Center Operations Manager (SCOM), we will have an abundance of identity monitoring solutions from Microsoft.