What are the risks associated with running Microsoft Azure Active Directory Connect?

active-directory azure-active-directory microsoft-office-365 windows-server-2012

I'm getting ready to move my company to the Microsoft 365 cloud services. We have a local AD server on Windows Server 2012 Standard.

I'm pretty new to Windows Server management, so running something directly on my AD server makes me a little nervous.

When getting ready to run MS Azure AD Connect, should I be aware of any AD downtime? Or any other downsides that I should know about? I've read several tutorials and documents on running it from MS, but none that I've read really addressed this concern, so I've been assuming that it's a fairly simple sync that either works or doesn't, but won't affect the AD server itself.

Is this a correct assumption, or is this something I definitely shouldn't do during business hours, and prepare for a long night?

Best Answer

You don't have to install AD Connect on a DC; you can also install it on a member server that is joined to the domain. If you use custom settings, the server can also be stand-alone and does not have to be joined to a domain. This can avoid affecting the DC during installation.

In addition, AD Connect supports two options for synchronization: Password synchronization and Federation with ADFS.

Password synchronization is simple, while Federation with ADFS is complex and needs ADFS involved.

The failure of AD Connect will not affect the AD server itself, but it'll affect the user who wants to access Office 365 by authenticating against Azure AD.

Considering that you are still in the planning stage for deploying AD Connect, I would recommend referring to the article below for the prerequisites for AD Connect.

Prerequisites for AD Connect