Windows Azure and Office365 – Creating a Synchronization Account

After creating the Azure subscription and preparing the local Active Directory our next step is to create a service account in Windows Azure. This account is not a requirement but it is a good idea to secure it properly and leave that account just for the synchronization process.

Creating the Windows Azure account…

Logged on Windows Azure, let’s click on All Items, then double click on the Directory listed on the right side, click on on Users tab.

In the bottom, click on Add user


In the new page, let’s select New user in your organization and let’s name this account as svc.Azure.Sync and let’s select the domain that we have already added and validated (, click in Next icon.


In the User Profile page. Let’s fill out the information for our new user and the role assigned to it must be changed to Global Administrator. We need to configure an alternate e-mail address (any valid e-mail address) and the option Enable Multi-Factor Authentication must be unchecked. Click on Next icon.


In the Get Temporary password page. Click on Create.image14

In the Get Temporary password page. A temporary password will be displayed, memorize the content of the new password and we have the option to send it by e-mail but I personally do not recommend for this account.  Click on complete icon.


Managing subscriptions in Azure…

After creating the account, let’s click on Settings and then Administrators tab. Click on Add located at the bottom bar.


In the new page specify the e-mail address of the account that we have just created and select the subscription (in our case we are using the free trial) and click on complete icon.

Note: At this point the e-mail address specified as administrator is not operational but that is not a problem.


The result of our operation is shown in the figure below.


First logon in the Azure Portal with the Synchronization Account…

Our next step is to change the password for that account, let’s open in a Internet browser and let’s click on the second option on the left side which is Sign in with your organization account


That will bring a new page, let’s fill out the credentials using our newly created account and its temporary password and click on Sign in.image12[1]

After the first logon the password must be changed and the old password is required for that process, fill out the information required and use a strong password for that account. You will use that account just when managing the synchronization of your environment.


Now the same page asking for credentials will be displayed. You need to enter again your information and the new password that we just defined, and that is it! Now you will have the welcome wizard from Windows Azure.