Azure AD Connect Design



The server details are as follows:

  • Number of servers: 1
  • Cores: 4
  • RAM: 8
  • HDD: 200
  • OS/Domain: Windows 2016, fully updated and joined to the domain, with one NIC connected to the LAN. A Domain Admin user is required for the installation. An Azure Global Admin is required for the installation.
  • Internet access: required, with or without a proxy.

  • Fix user account errors, such as duplicates and formatting problems, in Active Directory before starting to synchronize to Azure AD.
  • External and Internal Azure/Office365 users will access the Online and On-Premises (Published)
  • Azure subscription
  • Custom verified domain name
  • AD schema version and forest functional level must be Windows Server 2003 or later.
  • The domain controller used by Azure AD must be writable. Using an RODC is not supported.
  • The Azure AD Connect server must have .NET Framework 4.5.1 or later and Microsoft PowerShell 3.0 or later installed.
  • The Azure AD Connect server must not have the PowerShell Transcription Group Policy enabled.
  • Azure AD Connect will be downloaded from the internet on the same machine.
  • If your proxy or firewall limits which URLs can be accessed, then the URLs documented in "Office 365 URLs and IP address ranges" must be opened.
  • The proxy connection idle timeout for Azure AD Connect must be set to 6 minutes or more.
  • For Single Sign-On (SSO), the following URLs must be added to the Intranet zone settings using Group Policy in Active Directory:

 

Design Summary:

  • One AD Connect server will be installed, on the main site only, to sync on-premises users to Azure AD. No load balancing.
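
An added example, not part of the original post: a PowerShell pre-install check for the server-side prerequisites listed above (domain join, .NET Framework 4.5.1, PowerShell 3.0, transcription policy, writable domain controller). The registry paths, the .NET Release threshold 378675 and the use of the ActiveDirectory module are supplied by this example, not by the post.

```powershell
# Added example: local pre-install checks for the Azure AD Connect server.
# Thresholds come from the prerequisite list above; run on the intended server.
$results = New-Object System.Collections.ArrayList
function Add-Check([string]$Name, [bool]$Passed, [string]$Detail) {
    [void]$results.Add([pscustomobject]@{ Check = $Name; Passed = $Passed; Detail = $Detail })
}

# Server must be joined to the domain.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
Add-Check 'Domain joined' $cs.PartOfDomain $cs.Domain

# .NET Framework 4.5.1 or later: Release value 378675 is the first 4.5.1 build.
$ndp = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' -ErrorAction SilentlyContinue
$release = if ($ndp) { [int]$ndp.Release } else { 0 }
Add-Check '.NET Framework >= 4.5.1' ($release -ge 378675) "Release=$release"

# PowerShell 3.0 or later.
$psv = $PSVersionTable.PSVersion
Add-Check 'PowerShell >= 3.0' ($psv.Major -ge 3) "Version=$psv"

# PowerShell Transcription Group Policy must not be enabled (machine or user policy).
$enabled = $false
foreach ($hive in 'HKLM:', 'HKCU:') {
    $key = "$hive\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription"
    $pol = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($pol -and $pol.EnableTranscripting -eq 1) { $enabled = $true }
}
Add-Check 'Transcription policy not enabled' (-not $enabled) "EnableTranscripting set: $enabled"

# A writable domain controller must be reachable; an RODC is not supported.
# Uses the ActiveDirectory module (RSAT) when present; otherwise the check is reported as not run.
if (Get-Module -ListAvailable -Name ActiveDirectory) {
    $dc = Get-ADDomainController -Discover -Writable -ErrorAction SilentlyContinue
    Add-Check 'Writable DC found' ([bool]$dc) "DC=$($dc.HostName)"
} else {
    Add-Check 'Writable DC found' $false 'ActiveDirectory module not installed; check not run'
}

# One row per prerequisite; any row with Passed = False needs fixing before installation.
$results | Format-Table -AutoSize
```

The script only reads local state and queries for a domain controller; it changes nothing on the server or in the directory.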