Azure AD Connect on Stand Alone Server

  • Question

  • Hello Azure,

    I am having problems installing Azure AD Connect on a stand alone server. I keep reading that you can synchronize your Azure AD credentials on a stand alone server that is not a member of a domain. But I cannot configure Azure AD to do so. When I go through the custom setup, I get to the connect to Directories option and it does not populate the domain that is currently configured (and working for Win10 workstations that are joined). There is of course no Domain Controller on the network, as this is a stand alone server not connected to any domain. I cannot for the life of me find any documentation on doing this for a stand alone server, however I see marketing puke all over the place saying you can do this. On MS Websites, and here on the Azure support forums from MS Support Techs.

    Can anyone point me towards instructions on how I can Synchronize Authentication for this server with Azure AD without also turning this server into a DC?

    http://i.imgur.com/nPsDdaT.png 

    Tuesday, March 22, 2016 6:55 AM

All replies

  • When I go through the custom setup, I get to the connect to Directories option and it does not populate the domain that is currently configured (and working for Win10 workstations that are joined).


    You're right in using Custom Settings, because Express Settings can't be used in this scenario.

    Can anyone point me towards instructions on how I can Synchronize Authentication for this server with Azure AD without also turning this server into a DC?

    One of the prerequisites for Active Directory communication is DNS.
    Through DNS SRV records, non-domain joined devices can locate Domain Controllers.

    For non-domain joined Azure AD Connect implementations you'll need to point to DNS records, servicing the DNS Forward Lookup Zones and Reverse Lookup Zones for the Active Directory domains and forests you want to synchronize objects with.

    Tuesday, March 22, 2016 4:28 PM
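
A way to check the DNS prerequisite described in the reply above from the non-domain-joined server, as an added example that is not part of the original thread. The domain name and DNS server address are placeholders, and the script assumes the `Resolve-DnsName` and `Test-NetConnection` cmdlets that ship with current Windows Server releases.

```powershell
# Added example: verify that a standalone server can locate domain controllers
# through DNS SRV records and reach them over TCP.
param(
    [string]$DomainName = 'corp.example.com',  # placeholder: AD DNS domain to synchronize
    [string]$DnsServer  = '192.0.2.10'         # placeholder: DNS server hosting the AD zones
)

# SRV records that domain controllers register for the domain.
$srvNames = @(
    "_ldap._tcp.dc._msdcs.$DomainName",
    "_kerberos._tcp.dc._msdcs.$DomainName"
)

foreach ($name in $srvNames) {
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named DNS server answers.
        $records = Resolve-DnsName -Name $name -Type SRV -Server $DnsServer `
                       -DnsOnly -ErrorAction Stop |
                   Where-Object { $_.Type -eq 'SRV' }
    }
    catch {
        Write-Warning "No SRV answer for $name from ${DnsServer}: $($_.Exception.Message)"
        continue
    }

    foreach ($r in $records) {
        # Test-NetConnection resolves the target with the resolver configured on
        # the network adapter, so a failure here can also mean the adapter does
        # not point at the AD DNS servers.
        $tcp = Test-NetConnection -ComputerName $r.NameTarget -Port $r.Port `
                   -WarningAction SilentlyContinue

        [pscustomobject]@{
            SrvRecord = $name
            Target    = $r.NameTarget
            Port      = $r.Port
            Priority  = $r.Priority
            Reachable = $tcp.TcpTestSucceeded
        }
    }
}
```

A row with `Reachable` set to `False`, or a warning instead of rows, points to the DNS or network path rather than to Azure AD Connect itself.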
  • Now that you have covered "is it plugged in", what next?  I keep getting an error "An error occurred while auto creating an account in the forest <forest name>.  current security context is not associated with an Active Directory domain or forest".

    This happens after providing Azure AD Connect with an enterprise admin account.  Do we have to manually create the sync account when setting up a standalone AD Connect server?

    Thanks for any assistance.

    Friday, February 2, 2018 5:37 PM