Forum Discussion
Requirement to have an on-prem AD
- Mar 25, 2019
HandA
on-prem AD is not required.
AD requirements:
Option 1: Domain controller that is synchronized with Azure Active Directory. The domain controller can be on-prem or in cloud. To synchronize with Azure Active Directory install Azure Active Directory Connect.
Option 2: Azure AD Domain Services domain in Azure (automatically synced with Azure Active Directory)
HandA
on-prem AD is not required.
AD requirements:
Option 1: Domain controller that is synchronized with Azure Active Directory. The domain controller can be on-prem or in cloud. To synchronize with Azure Active Directory install Azure Active Directory Connect.
Option 2: Azure AD Domain Services domain in Azure (automatically synced with Azure Active Directory)
I don't understand your response. Per https://docs.microsoft.com/en-us/azure/virtual-desktop/overview:
Your infrastructure needs the following things to support Windows Virtual Desktop:
- An Azure Active Directory
- A Windows Server Active Directory in sync with Azure Active Directory. This can be enabled through:
- Azure AD Connect
- Azure AD Domain Services
- An Azure subscription, containing a virtual network that either contains or is connected to the Windows Server Active Directory
The Azure virtual machines you create for Windows Virtual Desktop must be:
- Standard domain-joined or Hybrid AD-joined. Virtual machines can't be Azure AD-joined.
- Running one of the following supported OS images:
- Windows 10 Enterprise multi-session
- Windows Server 2016
I would like to avoid any and all on-premises requirements and simply have an Azure Active Directory with Azure Active Directory Domain Services enabled with Windows Virtual Desktop virtual machines automatically domain-joined to that instance. Completely cloud. Nothing physical.
Is this possible ?
- Mike AmoxMar 27, 2019Microsoft
Yes. This is possible. Josh was correct.
If you want cloud-only, you can either stand up a couple of DC's on VM's in the cloud, or use Azure Active Directory Domain Services, with either synced with Azure AD. Either will work.
- Ron HoweMar 27, 2019Copper Contributor
Thanks, Mike.
Am I misunderstanding the documentation? Or is the documentation inaccurate or poorly worded?
- Mike AmoxMar 27, 2019Microsoft
A bit of both? :)
The documentation says:
A Windows Server Active Directory in sync with Azure Active Directory. This can be enabled through:
- Azure AD Connect
- Azure AD Domain Services
The first (AD connect) is on-prem or cloud DC's you build yourself.
The second is telling you can forgo that and use Azure AD Domain Services (and won't have to configure AD connect to boot)
Arguably, this isn't clear enough, as it does leave room for confusion, and doesn't explicitly spell out each option for hybrid and cloud-only.