Azure AD Connect Design
Server details:
| # of Servers | Core | RAM | HDD | OS/Domain | Internet Access |
|---|---|---|---|---|---|
| 1 | 4 | 8 | 200 | · Windows 2016, fully updated and joined to the domain, with one NIC connected to the LAN. · Domain Admin user required for the installation. · Azure Global Admin required for the installation. | Internet access required, with or without a proxy. |
- Fix user account errors, such as duplicates and formatting problems, in Active Directory before starting synchronization to Azure AD.
- External and Internal Azure/Office365 users will access the Online and On-Premises (Published)
- Azure subscription
- Custom verified Domain Name
- AD schema version and forest functional level must be Windows Server 2003 or later
- The domain controller used by Azure AD must be writable. Using an RODC is not supported.
- The Azure AD Connect server must have .NET Framework 4.5.1 or later and Microsoft PowerShell 3.0 or later installed.
- The Azure AD Connect server must not have PowerShell Transcription Group Policy enabled
- Azure AD Connect will be downloaded from the internet on the same machine.
- If your proxy or firewall limits which URLs can be accessed, then the URLs documented in Office 365 URLs and IP address ranges must be opened.
- Proxy connection idle timeout for Azure AD Connect must be set to 6 minutes or more
- For Single Sign-On (SSO), the following URLs must be added to the Intranet zone settings using Group Policy in Active Directory:
- Allow *.msappproxy.net URLs over port 443
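A pre-flight check for the server-side prerequisites in the list above, as an added example that is not part of the original design document. It assumes it is run locally on the candidate Azure AD Connect server; the function name `Test-AadConnectPrereq` is hypothetical, and the .NET check relies on the registry `Release` value 378675, which is the baseline for .NET Framework 4.5.1.

```powershell
# Added example: checks the local server against the prerequisites listed above.
function Test-AadConnectPrereq {   # hypothetical name, not a Microsoft cmdlet
    $results = @()
    $add = { param($check, $pass, $detail)
        [pscustomobject]@{ Check = $check; Pass = [bool]$pass; Detail = $detail } }

    # Server must be joined to the domain.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    $results += & $add 'Joined to domain' $cs.PartOfDomain $cs.Domain

    # .NET Framework 4.5.1 or later: Release DWORD 378675 is the 4.5.1 baseline.
    $ndp = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
    $results += & $add '.NET Framework >= 4.5.1' ($ndp -and $ndp.Release -ge 378675) "Release=$($ndp.Release)"

    # PowerShell 3.0 or later.
    $ps = $PSVersionTable.PSVersion
    $results += & $add 'PowerShell >= 3.0' ($ps.Major -ge 3) "Version=$ps"

    # PowerShell Transcription Group Policy must not be enabled (machine or user policy).
    $enabledIn = @()
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $key = "$hive\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription"
        $pol = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if ($pol -and $pol.EnableTranscripting -eq 1) { $enabledIn += $hive }
    }
    $results += & $add 'PS transcription policy not enabled' ($enabledIn.Count -eq 0) "EnabledIn=$($enabledIn -join ',')"

    $results
}

$report = Test-AadConnectPrereq
$report | Format-Table -AutoSize
if ($report | Where-Object { -not $_.Pass }) {
    Write-Warning 'One or more Azure AD Connect prerequisites are not met.'
}
```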
Design Summary:
- One Azure AD Connect server will be installed on the main site only to sync on-premises users to Azure AD. No load balancing.