Azure AD Connect: Special considerations for instances

Azure AD Connect is most commonly used with the world-wide instance of Azure AD and Office 365. But there are also other instances and these have different requirements for URLs and other special considerations.

Microsoft Cloud Germany

The Microsoft Cloud Germany is a sovereign cloud operated by a German data trustee.

URLs to open in proxy server
*.microsoftonline.de
*.windows.net
+Certificate Revocation Lists

When you sign in to your Azure AD tenant, you must use an account in the onmicrosoft.de domain.

Features currently not present in the Microsoft Cloud Germany:

  • Azure AD Connect Health is not available.
  • Automatic updates is not available.
  • Password writeback is available for preview with Azure AD Connect version 1.1.570.0 and after.
  • Other Azure AD Premium services are not available.

Microsoft Azure Government cloud

The Microsoft Azure Government cloud is a cloud for US government.

This cloud has been supported by earlier releases of DirSync. From build 1.1.180 of Azure AD Connect, the next generation of the cloud is supported. This generation is using US-only based endpoints and have a different list of URLs to open in your proxy server.

URLs to open in proxy server
*.microsoftonline.com
*.microsoftonline.us
*.windows.net (Required for automatic Azure AD government tenant detection)
*.gov.us.microsoftonline.com
+Certificate Revocation Lists

Note

As of AAD Connect version 1.1.647.0, setting the AzureInstance value in the registry is no longer required provided that *.windows.net is open on your proxy server(s).

Features currently not present in the Microsoft Azure Government cloud:

  • Azure AD Connect Health is not available.
  • Automatic updates is not available.
  • Password writeback is available for preview with Azure AD Connect version 1.1.570.0 and after.
  • Other Azure AD Premium services are not available.

Next steps

Learn more about Integrating your on-premises identities with Azure Active Directory.