Currently i have Active Directory in Azure and now i want to make additional AD on-prem version. Anyone know if my below steps is right to building additional on-prem AD.? Install Windows Server on-prem Join this server to the domain Add AD role Promote this server as seondary domain controller Install Azure AD connect.

Its not recommended to install AADConnect on a domain controller - though it is supported I would install on its own server if possible. otherwise, your steps look correct. there is really nothing called a "secondary domain controller" however.

AD Hybrid Version - Microsoft Q&A

Accepted answer

Andy David - MVP 142.3K Reputation points MVP

2022-11-07T14:08:54.7+00:00

Its not recommended to install AADConnect on a domain controller - though it is supported
I would install on its own server if possible.

otherwise, your steps look correct. there is really nothing called a "secondary domain controller" however.
Please sign in to rate this answer.
Handian Sudianto 4,146 Reputation points

2022-11-07T14:23:46.37+00:00

Hi @Andy David - MVP

Thanks for your information and thanks for confirming my steps is correct.
Can i know why is not recomended install AAD Connect on DC?

Andy David - MVP 142.3K Reputation points MVP

2022-11-07T16:25:40.34+00:00

You can install plenty of apps on a DC, but thats never recommended.
For AADConnect reasons specifically:
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad/azure-ad-connect-on-a-dc/m-p/60445

https://activedirectoryfaq.com/2021/07/install-azure-ad-connect/#:~:text=The%20installation%20should%20not%20be,requires%20a%20graphical%20user%20interface.

Handian Sudianto 4,146 Reputation points

2022-11-08T01:13:50.433+00:00

Hi @Andy David - MVP

Noted with many thanks.
Sign in to comment

AD Hybrid Version

0 additional answers