Current AAD Connect location recommendations

Gregg Hughes 291 Reputation points

Good morning, all!

I'm looking to migrate and upgrade a customer AAD Connect installation to Server 2019 and AAD Connect 2.x. This would be on a domain member server, not a domain controller.

Another consultant has recommended installing to a domain controller, saying that he has observed multiple service disconnects due to not being on a DC. I want to move away from installing various applications on my DCs, preferring a clean installation with various identity management solutions on a separate server.

Polling the hive mind for consensus on experience with AAD Connect - on the domain controller or separate server?

Thanks to all for looking!


Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,101 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Andy David - MVP 143.6K Reputation points MVP

    Separate. Have never installed on a DC and do not see any issues. Installing on a DC seems like a bad idea :...
    The key, I think, is to treat the AADConnect server like a DC, not install it on one. :P

    1 person found this answer helpful.