

This article describes the prerequisites and the hardware requirements for Azure Active Directory (Azure AD) Connect.

When you verify your domain, the Azure AD object limit increases to 300,000 objects. If you need even more objects in Azure AD, open a support case to have the limit increased further. If you need more than 500,000 objects, you need a license, such as Microsoft 365, Azure AD Premium, or Enterprise Mobility + Security.

Before you synchronize, prepare the on-premises Active Directory:

- Use IdFix to identify errors such as duplicates and formatting problems in your directory before you synchronize to Azure AD and Microsoft 365.
- Review the optional sync features you can enable in Azure AD, and evaluate which features you should enable.
- The Active Directory schema version and forest functional level must be Windows Server 2003 or later. The domain controllers can run any version as long as the schema version and forest-level requirements are met. You might require a paid support program if you require support for domain controllers running Windows Server 2016 or older.
- The domain controller used by Azure AD Connect must be writable. Using a read-only domain controller (RODC) isn't supported, and Azure AD Connect doesn't follow any write redirects.
- Using on-premises forests or domains with "dotted" NetBIOS names (the name contains a period ".") isn't supported.
- We recommend that you enable the Active Directory Recycle Bin.

Azure AD Connect runs signed PowerShell scripts as part of the installation. Ensure that the PowerShell execution policy allows running scripts. The recommended execution policy during installation is "RemoteSigned". For more information on setting the PowerShell execution policy, see Set-ExecutionPolicy.

The Azure AD Connect server contains critical identity data. It's important that administrative access to this server is properly secured. Follow the guidelines in Securing privileged access.
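The following pre-flight script checks the on-premises Active Directory prerequisites and the PowerShell execution policy described in this article. It is an added example, not part of the article or of Microsoft's Azure AD Connect tooling: the function name `Test-AadConnectPrerequisites` is hypothetical, it assumes the RSAT ActiveDirectory module is installed on a domain-joined machine, and it assumes the caller can read every domain in the forest. The schema `objectVersion` thresholds in the comments are the values the Active Directory schema has historically carried per Windows Server release.

```powershell
#Requires -Modules ActiveDirectory
# Illustrative pre-flight check for the Azure AD Connect prerequisites listed in the article.
# Assumption: run as a user who can read every domain in the forest; -FixExecutionPolicy
# additionally needs local administrator rights on this machine.

function Test-AadConnectPrerequisites {
    [CmdletBinding()]
    param(
        # Set the execution policy to RemoteSigned (LocalMachine scope) when it would block the installer's signed scripts.
        [switch]$FixExecutionPolicy
    )

    $findings = New-Object 'System.Collections.Generic.List[string]'

    # 1. Schema version and forest functional level must be Windows Server 2003 or later.
    #    objectVersion 30 is the Windows Server 2003 schema (44 = 2008, 47 = 2008 R2, 56 = 2012, 69 = 2012 R2, 87 = 2016).
    $schemaNc      = (Get-ADRootDSE).schemaNamingContext
    $schemaVersion = (Get-ADObject -Identity $schemaNc -Properties objectVersion).objectVersion
    if ($schemaVersion -lt 30) {
        $findings.Add("Schema version $schemaVersion is older than the Windows Server 2003 schema (30).")
    }

    $forest    = Get-ADForest
    $minForest = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2003Forest
    if ([int]$forest.ForestMode -lt [int]$minForest) {
        $findings.Add("Forest functional level $($forest.ForestMode) is below Windows2003Forest.")
    }

    foreach ($domainName in $forest.Domains) {
        $domain = Get-ADDomain -Identity $domainName

        # 2. "Dotted" NetBIOS names (containing a period) are not supported.
        if ($domain.NetBIOSName -match '\.') {
            $findings.Add("Domain $domainName has a dotted NetBIOS name '$($domain.NetBIOSName)'.")
        }

        # 3. Azure AD Connect needs a writable DC; RODCs are unusable and write redirects are not followed.
        $dcs      = @(Get-ADDomainController -Filter * -Server $domainName)
        $writable = @($dcs | Where-Object { -not $_.IsReadOnly })
        if ($writable.Count -eq 0) {
            $findings.Add("Domain $domainName exposes no writable domain controller.")
        }

        # Domain controllers on Windows Server 2016 or older may need a paid support program; report them.
        $dcs | Where-Object { $_.OperatingSystem -match 'Windows Server (2003|2008|2012|2016)' } |
            ForEach-Object { $findings.Add("Note: $($_.HostName) runs $($_.OperatingSystem).") }
    }

    # 4. The Active Directory Recycle Bin is recommended; it is a forest-wide optional feature.
    $recycleBin = Get-ADOptionalFeature -Identity 'Recycle Bin Feature'
    if (-not $recycleBin.EnabledScopes) {
        $findings.Add("Active Directory Recycle Bin is not enabled.")
    }

    # 5. The installer runs signed PowerShell scripts; an effective policy of Restricted blocks them.
    #    AllSigned still permits signed scripts, so only Restricted is flagged here.
    $policy = Get-ExecutionPolicy
    if ($policy -eq 'Restricted') {
        if ($FixExecutionPolicy) {
            Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine -Force
            $findings.Add("Execution policy was $policy; set to RemoteSigned for LocalMachine.")
        } else {
            $findings.Add("Execution policy $policy blocks scripts; run 'Set-ExecutionPolicy RemoteSigned' or rerun with -FixExecutionPolicy.")
        }
    }

    return $findings
}

# Usage: an empty result means every check passed.
Test-AadConnectPrerequisites | ForEach-Object { Write-Warning $_ }
```

Run it on the machine you intend to use as the Azure AD Connect server before starting the installer; each returned string is one prerequisite that is unmet, so an empty list is the desired outcome. The RODC check looks at `IsReadOnly` per domain because an RODC is still a valid domain controller for other workloads and would not otherwise stand out.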
