Azure AD Connect Design
|# of Server|Core|RAM|HDD|OS/Domain|Internet Access|
|---|---|---|---|---|---|
|1|4|8|200|Windows 2016, fully updated and joined to the domain, with one NIC connected to the LAN. Domain Admin user required for the installation. Azure Global Admin required for the installation.|Internet access required.|

- Fix user account errors such as duplicates and formatting problems in Active Directory before starting synchronization to Azure AD.
- External and Internal Azure/Office365 users will access the Online and On-Premises (Published)
- Azure subscription
- Custom verified Domain Name
- AD schema version and forest functional level must be Windows Server 2003 or later
- The domain controller used by Azure AD must be writable. Using an RODC is not supported.
- The Azure AD Connect server must have .NET Framework 4.5.1 or later and Microsoft PowerShell 3.0 or later installed.
- The Azure AD Connect server must not have PowerShell Transcription Group Policy enabled
- Azure AD Connect will be downloaded from the internet on the same machine.
- If your proxy or firewall limits which URLs can be accessed, then the URLs documented in "Office 365 URLs and IP address ranges" must be opened.
- Proxy connection idle timeout for Azure AD Connect must be set to 6 minutes or more
- For Single Sign-On (SSO), the following URLs must be added to the Intranet zone settings using Group Policy in Active Directory:
- Allow *.msappproxy.net URLs over port 443
- One Azure AD Connect server will be installed to sync on-premises users to Azure AD, on the main site only. No load balancing.
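
The server-side prerequisites listed above (domain join, .NET Framework 4.5.1, PowerShell 3.0, no PowerShell Transcription policy, a writable domain controller) can be verified on the target machine before the installer is run. The script below is an added example, not part of the original design or of Azure AD Connect; the function name and output shape are hypothetical, and the domain controller check assumes the ActiveDirectory RSAT module is installed.

```powershell
# Added example: local prerequisite checks for the planned Azure AD Connect server.
# Test-AadConnectPrereq and New-Result are hypothetical names. Run on the server itself.
function Test-AadConnectPrereq {
    function New-Result($Check, $Pass, $Detail) {
        [pscustomobject]@{ Check = $Check; Pass = $Pass; Detail = "$Detail" }
    }

    # Server must be joined to the domain.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem
    New-Result 'Joined to domain' $cs.PartOfDomain $cs.Domain

    # .NET Framework 4.5.1 or later: Release value 378675 is the lowest 4.5.1 build.
    $ndp = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
    $release = if ($ndp) { [int]$ndp.Release } else { 0 }
    New-Result '.NET Framework 4.5.1 or later' ($release -ge 378675) "Release=$release"

    # PowerShell 3.0 or later.
    $psv = $PSVersionTable.PSVersion
    New-Result 'PowerShell 3.0 or later' ($psv.Major -ge 3) $psv

    # PowerShell Transcription Group Policy must not be enabled (machine policy key only).
    $tr = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription' -ErrorAction SilentlyContinue
    $enabled = $tr -and $tr.EnableTranscripting -eq 1
    New-Result 'PowerShell Transcription policy not enabled' (-not $enabled) "EnableTranscripting=$($tr.EnableTranscripting)"

    # A writable domain controller (not an RODC) must be locatable.
    $name = 'Writable domain controller found'
    if (Get-Module -ListAvailable -Name ActiveDirectory) {
        try {
            $dc = Get-ADDomainController -Discover -Writable -ErrorAction Stop
            New-Result $name $true $dc.HostName
        } catch {
            New-Result $name $false $_.Exception.Message
        }
    } else {
        # Pass stays empty: the check was skipped, not failed.
        New-Result $name $null 'ActiveDirectory module not installed; not checked'
    }
}

Test-AadConnectPrereq | Format-Table -AutoSize -Wrap
```

Any row with `Pass` set to `False` should be resolved before installation; a transcription policy applied per user (under `HKCU`) is not covered by this check.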