Move Azure AD Connect to a different server

Namless Shelter 231 Reputation points
2022-03-22T05:47:31.033+00:00

Dear Friends,

Currently, we have a dedicated Azure AD Sync server set up in a WIndow server 2012 R2 box for Directory sync (1600 + users and SCCM & InTune Co-managed Computers) to Office 365 and Azure services.

Now we would like move this service to another server 2019 box. Should we just install AzureADConnect.exe on server 2019, and set it up to point to our Tenant? And remove the old Azure AD sync service on the old server and power off? What else need to be done?

Thanks a lot,
ML

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,439 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Cristian SPIRIDON 4,481 Reputation points
    2022-03-22T06:05:58.523+00:00

    Hi NamlessShelter-6097,

    What you need to do is install the other server în staging mode. Please, see following tutorial about how the set it up and how to switch between the two:

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-staging-server

    Hope this helps!

    1 person found this answer helpful.

  2. Siva-kumar-selvaraj 15,666 Reputation points
    2022-03-22T16:45:42.657+00:00

    Hello @Namless Shelter ,

    Thanks for reaching out.

    Yes, as @Cristian SPIRIDON mentioned, you need to setup stagging server and ensure configurations are same on both the servers using CSAnalyzer and then you can switch over the older server into staging and new server as production.

    In addition, there's no retention specific with synchronized objects when Azure AD connect servers are idle but new users onboarding to Azure AD and Sync server-dependent services would be impacted during downtime such as writeback functionality including SSPR , Hybrid device registration to with Azure AD (Only new devices). However, existing users and device objects continue to experience SSO as expected without any issue. Hope this helps.

    -----
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.