multiple AD forests to a single tenant

Question

Is it possible to run more than one instance of Azure AD connect tool e.g one instance in each of the source forests and sync the identities? Are there any limitations to this?

Is it supported to implement multiple Hybrid configurations from separate AD forest to a single tenant,

Answer 1

Hi,

Welcome to Microsoft Q&A community forum!

Many organizations have environments with multiple on-premises Active Directory forests. There are various reasons for having more than one on-premises Active Directory forest. Typical examples are designs with account-resource forests and the result of a merger or acquisition.

When you have multiple forests, all forests must be reachable by a single Azure AD Connect sync server. The server must be joined to a domain. If necessary to reach all forests, you can place the server in a perimeter network (also known as DMZ, demilitarized zone, and screened subnet).

The Azure AD Connect installation wizard offers several options to consolidate users who are represented in multiple forests. The goal is that a user is represented only once in Azure AD. There are some common topologies that you can configure in the custom installation path in the installation wizard. On the Uniquely identifying your users page, select the corresponding option that represents your topology. The consolidation is configured only for users. Duplicated groups are not consolidated with the default configuration.

ref link:

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/connect/plan-connect-topologies#multiple-forests-single-azure-ad-tenant

Hope this helps

Cheers

Luca

Please "Accept as Answer" and Upvote if the answer provided is useful, so that you can help others in the community looking for remediation for similar issues