You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/hybrid/plan-connect-topologies.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -46,7 +46,7 @@ The most common topology is a single on-premises forest, with one or multiple do
46
46
### Single forest, multiple sync servers to one Azure AD tenant
47
47
48
48
49
-
Having multiple Azure AD Connect sync servers connected to the same Azure AD tenant is not supported, except for a [staging server](#staging-server). It's unsupported even if these servers are configured to synchronize with a mutually exclusive set of objects. You might have considered this topology if you can't reach all domains in the forest from a single server, or if you want to distribute load across several servers.
49
+
Having multiple Azure AD Connect sync servers connected to the same Azure AD tenant is not supported, except for a [staging server](#staging-server). It's unsupported even if these servers are configured to synchronize with a mutually exclusive set of objects. You might have considered this topology if you can't reach all domains in the forest from a single server, or if you want to distribute load across several servers. (No errors occur when a new Azure AD Sync Server is configured for a new Azure AD forest and a new verified child domain.)
50
50
51
51
## Multiple forests, single Azure AD tenant
52
52
@@ -78,7 +78,7 @@ You can find more details in [Understanding the default configuration](concept-a
78
78
79
79
Having more than one Azure AD Connect sync server connected to a single Azure AD tenant is not supported. The exception is the use of a [staging server](#staging-server).
80
80
81
-
This topology differs from the one below in that **multiple sync servers** connected to a single Azure AD tenant is not supported.
81
+
This topology differs from the one below in that **multiple sync servers** connected to a single Azure AD tenant is not supported. (While not supported, this still works.)
82
82
83
83
### Multiple forests, single sync server, users are represented in only one directory
84
84
@@ -142,8 +142,8 @@ We recommend having a single tenant in Azure AD for an organization. Before you
142
142
143
143
This topology implements the following use cases:
144
144
145
-
* AADConnect can synchronize the same users, groups, and contacts from a single Active Directory to multiple Azure AD tenants. These tenants can be in different Azure environments, such as the Azure China environment or the Azure Government environment, but they could also be in the same Azure environment, such as two tenants that are both in Azure Commercial.
146
-
* The same Source Anchor can be used for a single object in separate tenants (but not for multiple objects in the same tenant)
145
+
* AADConnect can synchronize the users, groups, and contacts from a single Active Directory to multiple Azure AD tenants. These tenants can be in different Azure environments, such as the Azure China environment or the Azure Government environment, but they could also be in the same Azure environment, such as two tenants that are both in Azure Commercial. For more details on options, see https://docs.microsoft.com/azure/azure-government/documentation-government-plan-identity.
146
+
* The same Source Anchor can be used for a single object in separate tenants (but not for multiple objects in the same tenant). (The verified domain can't be the same in two tenants. More details are needed to enable the same object to have two UPNs.)
147
147
* You will need to deploy an AADConnect server for every Azure AD tenant you want to synchronize to - one AADConnect server cannot synchronize to more than one Azure AD tenant.
148
148
* It is supported to have different sync scopes and different sync rules for different tenants.
149
149
* Only one Azure AD tenant sync can be configured to write back to Active Directory for the same object. This includes device and group writeback as well as Hybrid Exchange configurations – these features can only be configured in one tenant. The only exception here is Password Writeback – see below.
0 commit comments