Forum Discussion
Azure AD Connect on a DC
Hi Glenn,
In my opinion, the recommended installation is always in a separate server regarding to isolate points of failure.
In past time e.g.. Dirsync it was not supported but Microsoft has expanded the support on installation on servers with other roles using Express Instalation.
If you install AD Connect on a DC or other machine with other products, it would be harder to understand a problem if occurs in your environment either the problem is on the DC role or AD Connect.
Thanks for the response Nuno. That was helpful. However, do you also have some thoughts regarding the question about installing Azure AD Connect on a Domain Controller?
Again, I'm not seeing anything (yet) that says this is a bad idea in an "Express" scenario like mine. Just that typically Microsoft is very good about being clear on this sort of thing.
Thanks again and let me know if you have some thoughts on the AADC on DC.
MicrosoftHello,
I would like to add that although it is a supported configuration, it's not always best practice. Typically, when you install a domain controller, you want to make sure there are no other services that interfere or compete with the compute, memory, networking, or disk resources. Also, should there be an AAD Connect software error, a reboot may be required. Although the network should include multiple DC's for replication and HA purposes, few admins favor adding more resources to a busy and important server. The enviornments I have seen have been typically independent AAD Connect servers. I hope this helps. - Josh