Configuring Microsoft Entra Hybrid Join
In this video, I walk through a full step-by-step demo of configuring Microsoft Entra Hybrid Join, including Active Directory cleanup, Connect Sync installation, and device synchronization.
What's covered:
- Lab environment overview, including the on-premises domain controller and the custom domain added to the Microsoft 365 tenant
- Using IdFix to clean up Active Directory before synchronization (fixing duplicates, invalid characters and unsupported values)
- Downloading and installing Microsoft Entra Connect Sync from the Entra Admin Center
- Cloud Sync vs Connect Sync and when to use each
- Authentication options explained: Password Hash Synchronization, Pass-through Authentication, Federation with AD FS and PingFederate
- Enabling Password Hash Synchronization and Seamless Single Sign-On
- Selecting specific Organizational Units (OUs) for synchronization instead of syncing the entire domain
- Configuring user identity matching and source anchor settings
- Optional features explained: Password Writeback (required for Self-Service Password Reset), Group Writeback, Device Writeback and Directory Extension Attribute Sync
- Verifying sync status and Seamless SSO in Microsoft Entra Connect Health
- Configuring device synchronization using the Configure Device Options wizard
- How to force a delta or full synchronization using PowerShell commands
- Default sync cycle interval (every 30 minutes) and how to customize it
Whether you are setting up hybrid identity for the first time or looking to fine-tune your sync configuration, this video covers everything you need to get Microsoft Entra Hybrid Join up and running.