Note: This question is part of a series of questions that present the same scenario. Each question in the series
contains a unique solution. Determine whether the solution meets the stated goals.
Your network contains a single Active Directory forest. The forest contains a domain controller and Active
Directory Federation Services (AD FS) servers that are deployed to virtual machines. The virtual machines run
either on-premises or on Microsoft Azure.
You have Azure AD Connect deployed on-premises. The Azure AD Connect database is installed on an onpremises instance of Microsoft SQL Server 2014.
Last month, an Azure AD Connect server experienced a hardware failure that caused an Azure AD Connect
server to go offline for several days.
You need to recommend a solution to reduce the outage window when hardware failure occurs on the Azure
AD Connect server.
Solution: You deploy a new on-premises Azure AD Connect server that uses a new SQL Server instance. You
set the Azure AD Connect server to staging mode.
Does this meet the goal?
A.
Yes
B.
No
Explanation:
Azure AD Connect sync Staging mode can be used for several scenarios, including:
High availability.
Test and deploy new configuration changes.
Introduce a new server and decommission the old.
Have a spare standby server – staging modeIf you have a more complex environment, then having one or more standby servers is recommended. During
installation, you can enable a server to be in staging mode.
SQL Clustering would be needed for high availability.
Note: SQL High Availability
If you are not using the SQL Server Express that comes with Azure AD Connect, then high availability for SQL
Server should also be considered. The only high availability solution supported is SQL clustering. Unsupported
solutions include mirroring and Always On.
https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnectsyncoperations/
2 reasons why I think no:
In a disaster where the primary server fails, you can fail over to the staging server. You do this in the Azure AD Connect wizard. This second server can be located in a different datacenter because no infrastructure is shared with the primary server. You must manually copy any configuration change made on the primary server to the second server.
You can only have one sync engine per SQL instance. It is not supported to share a SQL instance with FIM/MIM Sync, DirSync, or Azure AD Sync.
0
0
correct me
2 reasons why I think yes:
In a disaster where the primary server fails, you can fail over to the staging server. You do this in the Azure AD Connect wizard. This second server can be located in a different datacenter because no infrastructure is shared with the primary server. You must manually copy any configuration change made on the primary server to the second server.
You can only have one sync engine per SQL instance. It is not supported to share a SQL instance with FIM/MIM Sync, DirSync, or Azure AD Sync.
0
0
Yes
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-operations
0
0
In my opinion the answer is NO, because they aren’t using the built-in SQL Express Database and each server has its own SQL on premise instance, in that case SQL HA configuration (Cluster) should be considered, and it doesn’t so the answer is NO.
1
0
I agree with Yes, only a staging server can be used to connect multiple AAD Connect Syn servers to a single Azure AD tenant. The staging server can be anywhere (on-premises, Azure cloud, different datacenter etc.)
Having more than one Azure AD Connect sync server connected to a single Azure AD tenant is not supported. The exception is the use of a staging server.
Azure AD Connect supports installing a second server in staging mode. A server in this mode reads data from all connected directories but does not write anything to connected directories. It uses the normal synchronization cycle and therefore has an updated copy of the identity data.
In a disaster where the primary server fails, you can fail over to the staging server. You do this in the Azure AD Connect wizard. This second server can be located in a different datacenter, because no infrastructure is shared with the primary server. You must manually copy any configuration change made on the primary server to the second server.
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-topologies
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-topologies#staging-server
0
0
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-operations
The SQL server has to be either the same instance, or in a cluster
0
0