Forum Discussion

Glenn V's avatar
Glenn V
Brass Contributor
Apr 06, 2017
Solved

Azure AD Connect on a DC

With the documentation I've found so far I'm a bit unclear whether or not it is best practice to install Azure AD Connect on a domain controller. In this particular scenario we are looking at a singl...
Azure Active Directory (AAD)
  • NunoAriasSilva's avatar
    NunoAriasSilva
    Apr 07, 2017

    Hi Glenn,

     

    In my opinion, the recommended installation is always in a separate server regarding to isolate points of failure.

     

    In past time e.g.. Dirsync it was not supported but Microsoft has expanded the support on installation on servers with other roles using Express Instalation.

     

    If you install AD Connect on a DC or other machine with other products, it would be harder to understand a problem if occurs in your environment either the problem is on the DC role or AD Connect. 

David Delorge's avatar
David Delorge
Copper Contributor
Dec 01, 2017

Yes, deploying AD sync on a DC is very common practice. I would recommend installing it also on the secondary dc but not enabling it. Thus, if the Primary goes offline, you can reconnect to Azure AD. :)

Resources