I want to migrate active directory accounts from multiple on-premise servers (located on different location and having same domain name) to Office 365.
I am using Azure AD Connect to sync these accounts and I tested by creating a dummy environment (single server). Everything is working fine. Now the thing I want to know is that can I configure Azure AD Connect similarly on all my servers so that account from all servers will be synced on Office 365.
Points to note here:
- I don't have any conflict in usernames on my server
- I already have email account of users on office 365 and want to merge on-premise and Office 365 account based on username/ email address
- I want password synchronization
- Enable SSO (Single Sign On) for Office 365 account
My main doubt is about SSO because when I configured Azure AD Connect on my single server dummy environment, it configured SSO so if I will do same thing on all server do I need to do SSO configuration also or I have to leave this step one other servers?
Best Answer
I suggest you read this MS article:
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-topologies
Specifically this section:
You CAN have one or more STAGING servers, but they are only for DR purposes and really aren't even needed short of remembering your configuration/sync settings.
If you export and document your AADConnect settings/mappings/customization then you can just as easily rebuild a new AADConnect server in a DR scenario.
You CANNOT have more than one AADConnect sync server in your environment connecting to the same Azure AD tenant.