I want to create AD, ADC & AD sync server in Azure.

Question

I want to create AD, ADC & AD sync server in Azure.

Thakur, Prabhat 81

I want to create AD, ADC & AD sync server in Azure. Is it possible to create these servers in single Availability sets with Fault domain 3 and update domain 5. or should i create it as a stand alone servers since AD & ADC will work in a Active Passive mode, and i if AD is offline ADC will take its place as the root AD. Please recommend the best practices for such secenarios.

Accepted answer

1 additional answer

Your answer

Answer 1

Sandeep G-MSFT 20,906 Microsoft Employee Moderator

@Thakur, Prabhat

You can deploy your entire setup in Azure by creating VM's. You can create 3 VM's in Azure which are part of same vnet. Promote 2 VM's as domain controller. In this set up one VM will be primary DC.

Usually, active directory doesn't work in active and passive mode. When client want to reach any DC, there is a DC discovery that happens. Always the nearest DC will be contacted to handle the request.

As per your question if one AD goes offline, automatically 2nd VM will take over to handle the requests.
There is always a replication between domain controllers in an environment. Below is the article that talks about on how the replication works.
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/replication/active-directory-replication-concepts#BKMK_1

To know more about how DC discovery works you can refer below article,
https://social.technet.microsoft.com/wiki/contents/articles/24457.how-domain-controllers-are-located-in-windows.aspx

Let me know if you have any further questions.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Thakur, Prabhat 81 Reputation points

2022-11-10T06:44:52.593+00:00

I have one doubt, can I create the AD & ADC and AD Connect in a single Availability Set? @Sandeep G-MSFT
Sandeep G-MSFT 20,906 Reputation points Microsoft Employee Moderator

2022-11-10T08:16:41.01+00:00

@Thakur, Prabhat

Single availability set is not possible for AD connect. AD connect can only be deployed as production and staging. When production goes down there is a manual intervention required to move the AD connect from staging to production.

AD connect staging mode is used as disaster recovery.
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server

Let me know if you have any further questions.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
Thakur, Prabhat 81 Reputation points

2022-11-14T07:14:46.207+00:00

@Sandeep G-MSFT Thanks for the reply.
I wanted to know if I can put the stand-alone servers in the Availability set or if it needs to be part of a single application, like two servers serving the same app, with a load-balanced.
So I just went ahead and put the AD, ADC & AD Connect in the same AV set. It works for me. Thanks for the answer.
Thakur, Prabhat 81 Reputation points

2022-11-14T07:17:12.693+00:00

I wanted to know if I can put the stand-alone servers in the Availability set or if it needs to be part of a single application, like two servers serving the same app, with a load-balanced.
So I just went ahead and put the AD, ADC & AD Connect in the same AV set. It seems you can put standalone servers in an Avail Set. It makes sure that not all the servers are created in a single fault domain(Single rack with a single point of failure, single power supply, switches). Also, not in the similar Update Domain,

Answer 2

Anonymous

You could follow along here.
https://learn.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan

--please don't forget to upvote and Accept as answer if the reply is helpful--

Anonymous

2022-11-09T12:58:59.073+00:00

Just checking if there's any progress or updates?

--please don't forget to upvote and Accept as answer if the reply is helpful--

Share via

I want to create AD, ADC & AD sync server in Azure.

1 additional answer

Your answer