Forum Discussion
DK
Mar 03, 2023 · Copper Contributor
Azure AD synch and different Azure AD tenants?
Azure AD is synced with Original.com, which is the on-premises AD. We have another AD forest called Dev.com and want to sync it with Azure AD. They each have different subscriptions. Original.com syn...
Tushar Kumar
Mar 06, 2023 · Brass Contributor
Azure AD Connect (AAD Connect) is the recommended tool for the job. AAD Connect is a more robust tool than Azure AD Cloud Sync, and it has additional features that are useful for managing multiple forests.
To synchronize multiple forests with AAD Connect, you'll need to install it on a server in each of your forests. You'll also need to configure each instance of AAD Connect to sync with the same Azure AD tenant. Once this is set up, AAD Connect will synchronize the directories in each of your forests with Azure AD, allowing you to manage user accounts and other directory objects across all your forests from a single location.
Some things to keep in mind when using AAD Connect for multi-forest synchronization:
- You'll need to configure each instance of AAD Connect with its own set of synchronization rules. This will allow you to customize the sync process for each forest as needed.
- You'll also need to configure each instance of AAD Connect with its own set of credentials for connecting to the forest. These credentials should have the necessary permissions to read the directory and synchronize objects to Azure AD.
- If you're using AAD Connect to synchronize multiple forests, it's important to keep the forests separate. Don't create cross-forest trusts or merge the forests in any way, as this can cause issues with the sync process.
https://learn.microsoft.com/en-us/azure/architecture/example-scenario/wvd/multi-forest