Sync Active Directory Account to Azure Active Directory
Follow these steps to configure a Microsoft Active Directory (AD) account to synchronize with Azure Active Directory (AAD) so that a non-uniqname account can be used with CrashPlan.
Background
The ITS Desktop Backup service powered by CrashPlan utilizes AAD for authentication.
Uniqname accounts in UMROOT are configured to automatically sync with AAD, allowing AAD to be used to authenticate to some cloud services, including CrashPlan.
Non-uniqname accounts are not synced this way. In some situations, logon to a university computer may be configured to use a non-uniqname AD account. If a device is used with a non-uniqname account and that device will be backed up using the Desktop Backup service, then it may be necessary to sync the non-uniqname account to AAD in order for CrashPlan to be used.
IT staff with organizational unit (OU) admin permissions can configure non-uniqname accounts to sync to AAD. In order to do so, the account must be in the sub-OU of the organization’s OU in UMROOT.
Note that it can take up to 30 minutes for the account to become available in Azure Active Directory after being synced.
Process
On a UMROOT domain-joined Windows computer, run the Active Directory Users and Computers tool as an OU-admin user.
Click to enable Advanced Features within the View menu.
Expand adsroot.itcs.umich.edu, and then expand the UMICH and Organizations menus.
Navigate to the sub-OU that contains the user account you wish to sync to AAD. Right-click the user account, and then select Properties.
Select the Attribute Editor tab, and then click extensionAttribute8 to highlight it.
Click Edit to add a value for extensionAttribute8. Enter the value of “Sync”, and then click OK.