Global insurer sets foundations for digital transformation with Azure AD Connect

Our client, one of the largest global insurance companies, is currently undergoing significant digital transformation.

With over 100,000 staff working in more than 60 countries, the organisation is very complex, with a series of unique challenges.

The company’s digital transformation strategy is driven by two specific needs:

  1. To stop the company from being disrupted by potential new entrants to the market
  2. To improve relationships with customers, and to actually enable more contact with them throughout their life-cycle

The company was looking for an upgrade to their current FIM connector, DirSync, following Microsoft’s decision to end support for the tool in April 2017.

Oxford Computer Group’s (OCG) consultants had an in-depth level of knowledge of the company’s infrastructure, and following previous successful projects around the FIM platform, OCG was chosen to scope and design the architecture required, and complete the upgrade to their identity management platform.


The problem

Companies wanting to take advantage of the latest mobility and collaboration technologies, like Office 365, will need to make sure they have the right foundations in place to enable user adoption of the tools.

One such foundation is the connector between an on-premises FIM directory and Azure Active Directory. This provisions access to cloud apps like Office 365.

Up until now, this has been facilitated with Office 365 Directory Synchronisation, also known as DirSync. This tool has been a popular method for linking cloud identities to an on-premises active directory. However, Microsoft withdrew support for DirSync in April 2017. As a result, companies using this synchronisation tool are strongly advised to upgrade.

News of an Office 365 DirSync replacement was hardly surprising. Microsoft has been making changes to the Office 365 environment at an unprecedented rate. While the majority of these updates have affected the services, the way that identities synchronise has also changed.

After 31 December 2017, Azure AD will stop accepting connections from DirSync, leaving companies with little choice but to move away from the platform.


The solution

The adoption of Office 365 is crucial to the success of the client’s digital transformation strategy. It enables improvements to employee productivity and collaboration in a secure environment. And as such, it’s vital that the right tools for the job are selected.

As companies adopt and enable mobility of employees, data and devices, they are turning to identity and access management providers to provision the secure access required to make mobility a safe reality.

This customer was looking to set the foundations to underpin their digital transformation strategy. In order for the organisation to be able to adopt Office 365, one of the key elements of the strategy, they needed to review their options following the withdrawal of support for DirSync.

Although the existing FIM connector was originally installed by another IT company, due to the complexity of the organisation, and the complex nature of the new platform, they decided to work with a tried and tested partner, Oxford Computer Group (OCG).

The project started with a Vision Workshop with one of OCG’s Senior Architects, David Guest.

“We were impressed with the way he considered the business needs, the infrastructure and the unique challenges.”

“Dave quickly understood what we were looking to achieve,” says a spokesperson from the company. “We were impressed with the way he considered the business needs, the infrastructure and the unique challenges, and presented a solution that would satisfy our requirements.”

The option to upgrade from DirSync to Azure Active Directory Connect was selected, which not only offered a replacement for DirSync, but also provided a series of improvements.

There followed two days of envisioning and design, after which the customer was ready to proceed to the implementation phase.

While the removal of support for the tool is a key driver for upgrading, the new synchronisation tool, Azure Active Directory (AD) Connect also offers some new features:

  • Password write back: enables password self-service, and therefore the reduction in manual service desk password reset, and productivity improvements for users
  • Device write back: visibility of registered devices in the active directory, providing additional security over device access
  • Group write back: changes in group membership in the cloud are synced to the active directory, so users with on premises Exchange mailboxes can send and receive from those groups

Azure AD Connect is more capable, easier to configure, supports more scenarios, and offers greater flexibility than DirSync.

The customer was delighted that they were able to choose a partner that’s based in the UK, with close links to their architectural team. The lead OCG consultant on the project, Andy Duncan, was experienced in the customer’s infrastructure, which helped the project to run smoothly.

“”The design was well thought out, and we are very happy with how the project has progressed.”

Overall, the upgrade to Azure AD Connect gave the client the ideal solution to support their digital strategy.

“We were very impressed with the way the Oxford Computer Group team took time to fully understand our digital transformation strategy,” says the Solutions Architect leading the project for the customer. “The design was well thought out, and we are very happy with how the project has progressed smoothly.

“We wanted to support our digital transformation strategy by improving the productivity and collaboration across our 100,000+ users by deploying Office 365. The work completed by OCG has given us the foundation to underpin the transformation.”


The future

Following the completion of the Azure AD Connect project for the UK and rest of the world, the customer is replicating the update in the US. The US directory is held on a separate server for compliance purposes, and therefore needs to be brought up to the same standard of the rest of the company’s environment.

The company is also looking to further simplify its provisioning infrastructure by condensing the number of FIM servers by 50%, in conjunction with evolving their digital workplace processes and procedures.



As Azure AD will stop accepting connections from DirSync after December 2017, businesses are being encouraged to upgrade to Azure AD Connect. The upgrade will provide organisations with a long-term solution to the synchronisation of on-premises and cloud directories, crucial in the rollout of Office 365.

IDC expects that the percentage of enterprises creating advanced digital transformation initiatives will more than double by 2020, from 2016’s 22% to almost 50%. Many of these will include the adoption of collaboration tools such as Office 365.

OCG specialises in laying the foundations for digital transformation projects, ensuring security is built in from the start. Such security elements are designed to adapt as threats evolve.


We can help…

If your organisation needs support switching from DirSync to Azure AD Connect, or you have any questions about your next digital transformation project, please fill in the short form below. A member of our friendly team will be in touch shortly with more information.