Forum Discussion
Migrating On Prem AD to Azure AD and doing away completely with On Prem AD
palchakTo work out what your options are you will need to know what your current dependancies on the on-premis AD is. e.g. what devices are joined, what applications rely on AD for authentication, any changes to the schema. If there are components dependant/integrated in to AD then you will need to look at an IaaS instance in Azure as opposed to just using Azure AD. When considering an IaaS instance then a couple of things to watch out for, latency and also depending on the size of your directory - initial replication could take a while.
- palchakMar 16, 2020Copper Contributor
009GH What about using Azure AD DS, the managed domain service in Azure, to use that, do you still need to keep the Azure Connect Sync intact , because using Azure AD DS you can create customised OUs and even Group Policies, so can AD DS be considered a replacement for On Prem AD DS.
Using the cloud Azure AD DS is a better option as it is a managed service and you don't have to spin up DCs in Azure and patch them and monitor them etc. Any comments please.
- 009GHMar 17, 2020Copper Contributor
palchak Yes AD DS could be a good option. I would say keep in mind the limitations with AD DS such as no enterprise admin rights and no ability to extend the schema. Some Applications require extensions to the schema so check those dependencies. Also still keep in mind location of the service and latency, some applications are more sensitive to latency issues than others.
- Kayak2May 27, 2020Copper Contributor
palchak do you know of any MS documentation/guide that describes the high-level steps to achieve this?
Thanks
- palchakMay 27, 2020Copper Contributor
Kayak2Not really, I was struggling to find something. Actually AD DS is not a full fledged replacement for On Prem AD and both have separate use cases. But my customer was planning to get rid of On Prem AD and use Azure AD as their primary identity source. Have you checked this blog http://www.blogabout.cloud/2019/08/871/, this throws some light as to how to do the migration, but again, this is just one part, doesn't give you the whole picture, but I think this can be helpful to some extent