Hi all,
We have a situation where there are multiple on-premises forests without forest trust between them. Then we have one single Azure AD tenant where we would like to sync the users from those multiple forests.
Question is: do we need to set up Azure AD Connect to every one of those on-premises forests or can we use only one Azure AD Connect to achieve this?
Here it says that A) "Multiple forests, multiple sync servers to one Azure AD tenant is not supported" and B) "Multiple forests, separate topologies is supported". What is the real difference between A) and B)? Is there forest trust between the forests in A)? And what does it mean in option B) that "all on-premises forests are treated as separate entities"? Does it mean there is no trust between the forests?
And what does "all forests must be reachable by a single Azure AD Connect sync server" actually mean in practice?
https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-topologies
Our goal is to have every on-premises forest synced in one single Azure AD tenant. Is it really possible when the on-premises forests are totally separated from each other without forest trust between them? Microsoft documentation is a little bit confusing regarding this kind of scenario...
Thanks for the answers in advance!
Br, Teemu