Azure AD Connector

Question

If I have one Azure Ad connector at one data center. If there was a disaster or during DR testing, I power down the the Azure AD connector and bring it up a copy/replicated/backup on the other data center. Same VLan no change to the machine. Then run it for a day then delete it and restore the primary data center machine and bring it back up. Would that server that was down completely sync with all changes it missed while it was down even thought they sync'd to the one in DR test?

Is this process support if there was a problem?

Answer 1

Really this isnt the way to do this

You need at least two AADConnect servers. One is the active one, one is in staging mode but they are peers - each has the same config - each using their own backend database.

All the steps to do this are here:

https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server

Answer 2

The Staging and active server each have their own SQL databases are are both up to date.
When one server is down and the other is set as the "active" server and removed from staging mode, all that means is that the active server is now exporting objects to Azure and to your on-prem forest.

Once the primary data center is back online, do not bring up the original AADConnect Server until you set the other DCs AADConnect to Staging Mode, then bring the primary DC AADConnect server and it can be allowed to export the results again as the "primary"

There are other advantages as well: When you upgrade, you can upgrade one at a time, switching between servers and testing as you upgrade.

It makes it very easy, so I dont see any advantage with having one server having to restore or extend a Vlan etc...