Hosting Controller CLOUD AUTOMATION SOLUTION
Search:
Contents
:
IndexBookmarkPrint

Home > Active Directory Synchronization Tool > Pre-requisites

Pre-requisites

Before installing AD Connect Sync its necessary that the following pre-requisites are met. Installation of AD Connect Sync tool will be performed only on Local/Client DC from where the objects needs to be synchronized. AD Connect Sync will not be installed on the hosted/Cloud Domain Controller. Therefore the Local/Client DC should meet the following software requirements:

 

Software Requirements

  • HC AD Connect Sync tool supports Windows Server 2019, 2016, 2012 and 2008 (x86 and x64 any server edition).
  • Microsoft .Net Framework 4.8 must be installed on the machine prior to starting the installation.

Connection between Customer DC and Cloud DC
The target DC address must be accessible from customer site where AD Connect Sync Primary agent is installed. This address could be an IP address or a URL such as DC.CustomerDomain.com.

For a secure TLS connection, the URL for which the certificate is enabled, must be used for the connectivity. Cloud DC certificate must be imported in the customer DC machine.​​

 

TCP Ports
AD Connect Sync synchronizes objects using the LDAP/LDAPS protocols. Therefore, the following ports are required to be opened between the local/client and target/hosted DC.

  • Secure LDAP (LDAP protocol over TLS/SSL) = 636
  • LDAP (Without SSL) = 389
  • Dynamic RPC = 135
  • Additional Ports = 445, 139

​Service Accounts Required for Configuring HC AD Connect Sync
There are two service accounts required for configuring HC AD Connect Sync. 

  • Account from the local/client DC
  • Account from target/Cloud DC

Permissions of Service Accounts
AD Connect Sync synchronizes objects along with their attributes and passwords therefore, service accounts must have the following permissions:

  • Local/client AD service account must have Read/Write permission.
  • Target/Cloud AD service account must have permission "CURD" (Create, Update, Read, Delete).
  • You can assign delegate permissions to a simple AD account to work with AD Connect Sync with the help of this article.

Password Policy
Password policy between customer and Cloud DCs must not conflict on password character strength.

License Activation
Internet must be working on the customer DC where ADSync Primary Agent is running, for key activation.​​