How to Run Easy365Manager From an Azure AD Domain Joined PC

Starting with Easy365Manager Version 1.5.2, you can now run Easy365Manager from an Azure AD domain joined PC.

This is useful when you have migrated your PCs from on-premises AD to Azure AD but still need to maintain and manage a hybrid Office 365 setup.

Follow these instructions to set up Easy365Manager on an Azure AD domain joined PC.

Check Your DNS Settings

Before setting up Easy365Manager, you should ensure that your PC can fully resolve the DNS of your on-premises AD:

Your client PC must either use DNS servers from the on-premises AD or it must use DNS servers that are integrated with (forwarding to) the on-premises AD DNS servers.

Also, you must either use FQDNs when configuring your domain controller and Azure AD Connect server or ensure that the proper DNS search suffix list is configured on your system.

In this guide, we’ll use FQDNs to eliminate the need for additional DNS search suffix list configuration.

Install Active Directory Users & Computers

Easy365Manager is a snap-in to Active Directory Users & Computers. Therefore, you need to have Active Directory Users & Computers on your system before installing Easy365Manager.

On Windows 10 version 1809, you can install Active Directory Users & Computers using the following PowerShell command:

Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online

Refer to this guide to install Active Directory Users & Computers on earlier versions of Windows.

Download and Install Easy365Manager

Download and install Easy365Manager 1.5.2 or later. Select the default options when running the .msi installer.

Configure Windows Credentials

Configure the Windows credentials you will use to connect to your on-premises domain controller and your Azure AD Connect Server.

Open Control Panel and select Credential Manager:

Select Windows Credentials and click on Add a Windows credential:

Credential Manager, add new Windows credentials

Enter the FQDN of a domain controller. Make sure to use the preferred domain controller for optimal replication of AD changes.

Enter the user name and the password of your AD account (that has permission to manage users, groups, and contacts).

Credential Manager, configure new credentials.

Then perform the same steps for your Azure AD Connect Server.

Make sure to assign an AD account that has permission to connect with remote PowerShell to the AAD Connect Server and has permission to trigger a synchronization.

Refer to the Installation and Configuration Guide for more information.

Enable Remote Synchronization of Your Azure AD Connect Server

The account you use to connect to Azure AD Connect (configured in the previous step) must be allowed to trigger an Azure AD Connect synchronization.

This implies having the ability to

  • Connect with remote PowerShell to the Azure AD Connect Server
  • Perform an Azure AD Connect synchronization.

Both of these requirements are described in more detail in the Installation and Configuration Guide.

When using an Azure AD domain joined PC, configuring the TrustedHosts list of your client PC is required.

Add the Azure AD Connect server to your TrustedHosts list by running the following PowerShell command on your client PC:

Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'DC-01.easy365manager.local' -Concatenate -Force

Replace the server name with the FQDN of your Azure AD Connect Server.

Verify that the Azure AD Connect Server was added successfully to your TrustedHosts list by issuing the following command:

PS C:\> Get-Item WSMAN:\localhost\client\TrustedHosts
   WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client
Type            Name                           SourceOfValue   Value
----            ----                           -------------   -----
System.String   TrustedHosts                                   DC-01.easy365manager.local

Configure Active Directory Users & Computers for First Use

Perform the following steps to configure Active Directory Users & Computers for first use.

Remove any existing configuration files for AD Users & Computers by deleting the file ‘dsa’ from the folder ‘%AppData%\Microsoft\MMC’:

Remove-Item $env:APPDATA\Microsoft\MMC\dsa

Notice that the ‘dsa’ file has no file extension.

Start AD Users & Computers from the Administrative Tools menu or run ‘dsa.mmc’.

You’ll see an error message which you can ignore:

Configure AD Users & Computers for Easy365Manager on an Azure AD domain joined PC.

AD Users & Computers will open in a non-connected mode.

Right-click the top node and select ‘Change Domain Controller…’:

Configure AD Users & Computers for Easy365Manager on an Azure AD domain joined PC.

Click on ‘<Type a Directory Server name[:port] here>’ and enter the FQDN of the preferred Domain Controller.

Select ‘Save this setting for the current console’ and click OK.

Configure AD Users & Computers for Easy365Manager on an Azure AD domain joined PC.

AD Users & Computers will now load.

To complete the configuration of Easy365Manager, select any user account and click properties.

Then select the Office 365 tab, which will open up the settings form.

Authenticate with MS Graph and Exchange Online, configure the FQDN of the Azure AD Connect Server and click OK:

The user’s Office 365 license and mailbox information will now load, and you’re ready to rock!

Did you like this post? Maybe your friends will too!