Install AAD Connect on different server

    Question

  • We have AAD Connect installed and configured for "Federation with AD FS" on a Windows Server 2012 R2 (for Office 365).

    Now we've configured AD FS on a new Server 2016 and raised the functionality. We'd like to move AAD Connect to the primary server so we can toss our old 2012 R2 out.

    At the end of the installation, I select my primary domain, but get the error:

    "We cannot federate an Azure AD domain while signed in to Azure AD as a user in the same domain."

    What am I doing wrong here?

    Friday, March 31, 2017 8:53 AM

All replies

  • Use an account associated with the default @tenant.onmicrosoft.com domain.
    Friday, March 31, 2017 9:23 AM
  • With the AAD Connect, shouldn't the passwords between user@tenant.onmicrosoft.com and the federated domain be synced? Because it's not accepting my password.
    Friday, March 31, 2017 9:28 AM
  • Not necessarily. Cloud-created users are not in the scope of password sync, unless you take specific actions to "match" them against On-Prem objects. If you have trouble with the password use the self-service recovery option or contact support.
    • Marked as answer by ruben.demey Friday, March 31, 2017 11:45 AM
    Friday, March 31, 2017 11:33 AM
  • Thanks! I just created a different admin user. Things work fine now.
    Friday, March 31, 2017 11:45 AM
  • @Ruben.demy Did you create another admin user in the portal or on the domain controller?
    Monday, April 16, 2018 7:39 PM
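
A read-only pre-flight check for the situation discussed in this thread, added here as an example and not posted by any participant: it reports whether the account you intend to sign in with in the AAD Connect wizard sits in the domain you are about to federate, whether it is a cloud-only account (and so outside password sync), and whether it holds an admin role. It assumes the Microsoft Graph PowerShell module is installed; the parameter names and the choice of Global Administrator as the role to look for are assumptions of this example.

```powershell
# Added example: read-only checks, nothing in the tenant is changed.
param(
    [Parameter(Mandatory)] [string] $AdminUpn,         # account you plan to use in the wizard
    [Parameter(Mandatory)] [string] $DomainToFederate  # domain selected for federation
)

# Read-only delegated scopes are enough for these lookups.
Connect-MgGraph -Scopes 'User.Read.All', 'Domain.Read.All', 'Directory.Read.All'

# Well-known template ID of the built-in Global Administrator role.
$GlobalAdminTemplateId = '62e90394-69f5-4237-9190-012177145e10'

$suffix  = ($AdminUpn -split '@')[-1]
$domains = Get-MgDomain
$initial = $domains | Where-Object { $_.IsInitial }                 # the *.onmicrosoft.com domain
$target  = $domains | Where-Object { $_.Id -eq $DomainToFederate }

# OnPremisesSyncEnabled is empty for cloud-created users; their password is
# managed in Azure AD and is not kept in step with any on-premises account.
$user = Get-MgUser -UserId $AdminUpn -Property 'Id,UserPrincipalName,OnPremisesSyncEnabled'

# Directory roles the account is a direct member of.
$roles = Get-MgUserMemberOf -UserId $user.Id -All | Where-Object {
    $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.directoryRole'
}
$isGlobalAdmin = [bool]($roles | Where-Object {
    $_.AdditionalProperties['roleTemplateId'] -eq $GlobalAdminTemplateId
})

$report = [pscustomobject]@{
    AdminUpn               = $user.UserPrincipalName
    InitialDomain          = $initial.Id
    UsesInitialDomain      = ($suffix -eq $initial.Id)
    InDomainBeingFederated = ($suffix -eq $DomainToFederate)   # true reproduces the wizard error
    CloudOnlyAccount       = (-not $user.OnPremisesSyncEnabled)
    IsGlobalAdministrator  = $isGlobalAdmin
    TargetDomainAuthType   = $target.AuthenticationType        # Managed or Federated
}
$report | Format-List

if ($report.InDomainBeingFederated) {
    Write-Warning "Sign in with an account in $($initial.Id) instead of $AdminUpn."
}
```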