Creating a Global Administrator account for Azure AD Connect
During the Azure AD Connect configuration, we require an account that has Global Administrator privileges (in Azure). It is recommended to use a separate account for this.
In order to create a user account, perform the following steps:
- Click on Azure Active Directory in the Azure portal.
- Click on All users | + New user:
Figure 18.25: Create new user
- Then, type the account name and username in the relevant fields. After that, click on Directory role and make sure that you select Global Administrator.
- After creating the user, log in to the Azure portal using the new account details and make sure that the account is in a working state before using it for AD sync.
- Also, make sure that this account is a member of the AAD DC Administrators group. This will provide administrative privileges to the managed domain.
The next step of the configuration is to set up Azure...
