Forum Discussion
Azure AD Connect on a DC
- Apr 07, 2017
Thanks for the response Nuno. That was helpful. However, do you also have some thoughts regarding the question about installing Azure AD Connect on a Domain Controller?
Again, I'm not seeing anything (yet) that says this is a bad idea in an "Express" scenario like mine. Just that typically Microsoft is very good about being clear on this sort of thing.
Thanks again and let me know if you have some thoughts on the AADC on DC.
Hi Glenn,
In my opinion, the recommended installation is always on a separate server in order to isolate points of failure.
In the past, e.g. with DirSync, it was not supported, but Microsoft has expanded the support for installation on servers with other roles using Express Installation.
If you install AD Connect on a DC or another machine with other products, it would be harder to understand a problem if one occurs in your environment, whether the problem is in the DC role or AD Connect.
- Jerry Meyer, Jul 24, 2017, Iron Contributor
In my experience it is not recommended to install Azure AD Connect on a DC. Azure AD comes with an SQL Express database, which will adopt a lot of memory of the current machine. Another issue is that you might need to reboot the sync server for updates etc., and I think you would not like to do that too often to a domain controller. Another thing is the metaverse sync: you can get a lot of badly synced items within the metaverse. This also happens due to being short of memory.
And like Nuno said, troubleshooting Azure AD Connect will become more difficult, for instance if you have duplicate identities or hash errors.