I have been reading a lot about this for a highly available environment. It states that the Staging Server reads all Azure AD changes so that it is ready for production. Does this mean that a staging server will also act as a highly available server for PTA? My interpretation is that it will accept authentication requests from PTA as well as the Azure AD Connect server where PTA is configured.
If my interpretation is incorrect then that means for true HA then we would need 3 servers. Primary AZADC server, second staging server, and a third server with the PTA agent installed.
This seems crazy to me if the staging server cannot handle PTA requests.
Update: After labbing and testing this scenario - Installing the second staging server works to handle PTA requests. Even thought the second Azure AD Connect server is in staging mode, it will look at the queue for authentication requests and verify authentication attempts. I tested this and deployed it in production with one primary AZADC in the on premises datacenter and then a staging server in Azure for DR.
Best Response confirmed by
Tom Gould (Contributor)