Syncing multiple AD domains to a single Azure AD?

Dev11 21 Reputation points
2019-12-14T05:43:35.463+00:00

Hello,

If I integrate with the Azure AD using the Password Hash Sync model, is it possible to run a separate instance of the Sync tool on each customer’s domain? Basically, I would like to allow company A and company B to use my app, provided that they install the Sync tool on their domains.

Thank you!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,173 questions
0 comments No comments
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,461 Reputation points
    2019-12-14T06:03:31.133+00:00

    @Dev1-4239 Having more than one Azure AD Connect sync server connected to a single Azure AD tenant is not supported. Refer to multiple-forests-multiple-sync-servers-to-one-azure-ad-tenant for more details.

    -----------------------------------------------------------------------------------------------------------

    Please "mark as answer" or "vote as helpful" wherever the information provided helps you to help others in the community.

    4 people found this answer helpful.
    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Oleg K 136 Reputation points
    2019-12-15T10:41:56.337+00:00

  2. Andreas Helland 76 Reputation points
    2019-12-18T22:12:08.617+00:00

    As stated above it is possible to sync multiple domains to a single AAD tenant, but when your use case is providing an app to multiple customers I'm struggling to see the architecture you're planning.

    Is this single AAD tenant one owned/controlled by you, and the customers are non-related separate entities? If so it's a terrible idea to sync them into a common AAD. If "customers" are different companies in the same corporate structure it's something else.

    The generic "offer a SaaS app to multiple customers" setup would usually be:

    • SaaS provider has an AAD tenant
    • Each customer has an AAD tenant
    • SaaS provider creates a multi-tenant app and let users sign in based on other AAD tenants.