This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 31%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Ideally, Azure AD Connect should be installed on a dedicated domain-joined server, but you can also install it on your domain controller.
If I want to sync two different forests then my question is which forest's domain-joined server should be used to install AAD-Connect ??
On that note, is it possible to install Azure-AD connect on totally separate Windows Server which is NOT joined to any of the two forests ??
In this case when I am configuring Azure-AD connect, since all the 3 servers (two forest-servers and one AADC-server) are on the same subnet, would AADC-wizard able to access the domain-controllers ?
Thanks.
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@testuser7 Just checking in to see if below information was helpful. If you have any further updates on this issue, please feel free to post back.
Regarding the other issue related to ImportedValue(). My colleague is checking internally on this for you, once we have an update, will keep you posted.
Please remember to "Accept Answer" on this if answer helped, so that others in the community facing similar issues can easily find the solution.
Thanks @Pierre Audonnet - MSFT
Makes sense and I did that way.
I actually have opened one more thread around AAD-Connect at
[https://learn.microsoft.com/en-us/answers/questions/1159290/azure-ad-connect-isr
If you could help me on this one, that would great !!!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Please don't forget to accept Pierre answer to close this thread and help forum visitors to identify the correct answer for your question.
For the server:
Azure AD Connect must be installed on a domain-joined Windows Server 2016 or later - note that Windows Server 2022 is not yet supported.
For the network placement:
Azure AD Connect requires network connectivity to the root domain of all configured forest
From: Prerequisites for Azure AD Connect
As long as you can connect to the DCs of all the forest in the scope of synchronization from that server, you are good to go.
