Windows Azure and Office365 – Creating a Synchronization Account

Share this:

After creating the Azure subscription and preparing the local Active Directory our next step is to create a service account in Windows Azure. This account is not a requirement but it is a good idea to secure it properly and leave that account just for the synchronization process.

Creating the Windows Azure account…

Logged on Windows Azure, let’s click on All Items, then double click on the Directory listed on the right side, click on on Users tab.

In the bottom, click on Add user


In the new page, let’s select New user in your organization and let’s name this account as svc.Azure.Sync and let’s select the domain that we have already added and validated (, click in Next icon.


In the User Profile page. Let’s fill out the information for our new user and the role assigned to it must be changed to Global Administrator. We need to configure an alternate e-mail address (any valid e-mail address) and the option Enable Multi-Factor Authentication must be unchecked. Click on Next icon.


In the Get Temporary password page. Click on Create.image14

In the Get Temporary password page. A temporary password will be displayed, memorize the content of the new password and we have the option to send it by e-mail but I personally do not recommend for this account.  Click on complete icon.


Managing subscriptions in Azure…

After creating the account, let’s click on Settings and then Administrators tab. Click on Add located at the bottom bar.


In the new page specify the e-mail address of the account that we have just created and select the subscription (in our case we are using the free trial) and click on complete icon.

Note: At this point the e-mail address specified as administrator is not operational but that is not a problem.


The result of our operation is shown in the figure below.


First logon in the Azure Portal with the Synchronization Account…

Our next step is to change the password for that account, let’s open in a Internet browser and let’s click on the second option on the left side which is Sign in with your organization account


That will bring a new page, let’s fill out the credentials using our newly created account and its temporary password and click on Sign in.image12[1]

After the first logon the password must be changed and the old password is required for that process, fill out the information required and use a strong password for that account. You will use that account just when managing the synchronization of your environment.


Now the same page asking for credentials will be displayed. You need to enter again your information and the new password that we just defined, and that is it! Now you will have the welcome wizard from Windows Azure.


Written by Anderson Patricio

Anderson Patricio

Anderson Patricio is a Canadian MVP in Cloud and Datacenter Management, and Office Server and Services, besides the Microsoft Award he also holds a Solutions Master (MCSM) in Exchange and several other certifications. Anderson has been contributing to the Microsoft Community with articles, tutorials, blog posts, twitter, forums and book reviews. He is a regular contributor here at,, and Anderson (Portuguese).

Related Post

Azure Backup – Part 1 One of the first workloads that usually the majority the organizations wants to start to use in Azure is to replace the tape to Cloud Backup. Followin...
Azure Backup – Part 3 – Backup Virtual Machines... On the first post (see here), I explained how the Azure backup works. On this post, I’m explaining how to backup Virtual Machines with Azure Backup. ...
Managing passwords expiration policy in Office365 In this Tutorial we are going over the process to manage password expiration policy in Office365 for those companies that do not synchronize account i...
MethodNotAllowed when using Backup-AzureKeyVaultSe... I’ve been working with Azure Automation in the last few days, and during the creation of the code I was using PowerShell ISE to backup and restore Azu...