Azure Subscription Transfer from PAYG to EA

Brass Contributor

Hi Community, 

 

My organization is currently hosting couple of Windows Severs in PAYG subscription.  They want to move their current Azure Pay as you go subscription to EA subscription.  However, they're concerning about joining the Domain with Azure AD through Azure ADDS. 

 

Questions:

 

1. Is it necessary to join/register our domain to Azure AD through Azure ADDS if we move to EA from PAYG?

2. If yes, what are the pros and cons of joining our domain to Azure AD through Azure ADDS?

 

Please advise. Many thanks in advance. 

 

 

3 Replies

@SB V 

When moving from a Pay-As-You-Go (PAYG) subscription to an Enterprise Agreement (EA) subscription in Azure, it is not necessary to join/register your on-premises domain with Azure AD through Azure Active Directory Domain Services (Azure ADDS). The process of joining your on-premises domain with Azure AD is separate from the subscription type or billing model you choose.

However, if you decide to utilize Azure ADDS and join your on-premises domain with Azure AD, there are potential benefits and considerations to keep in mind:

 

Pros of joining your domain to Azure AD through Azure ADDS:

1. Seamless cloud-based authentication: Azure ADDS allows for a unified sign-on experience across on-premises and cloud resources. Users can leverage their on-premises domain credentials to authenticate and access cloud-based resources.

 

2. Cloud-based domain services: Azure ADDS provides domain services in the cloud, eliminating the need for you to manage and maintain your own domain controllers. This can reduce infrastructure complexity and administrative overhead.

 

3. Integration with other Azure services: By joining your domain with Azure AD, you can leverage Azure AD-based services such as Azure AD Connect for directory synchronization, Azure Multi-Factor Authentication (MFA), Conditional Access policies, and more.

 

Considerations when joining your domain to Azure AD through Azure ADDS:

1. Dependency on Azure AD: Joining your domain with Azure ADDS establishes a dependency on Azure AD for authentication and domain services. It's important to ensure the availability and reliability of Azure AD for smooth operation.

 

2. Limited control over domain controllers: With Azure ADDS, you rely on Microsoft-managed domain controllers in the cloud. This means you have less control over the underlying infrastructure and customization options compared to on-premises domain controllers.

 

3. Compatibility and feature limitations: Azure ADDS may have certain feature limitations or differences compared to traditional on-premises domain controllers. It's essential to evaluate these limitations and ensure they align with your specific requirements and use cases.

 

Ultimately, the decision to join/register your domain with Azure AD through Azure ADDS should be based on your organization's specific needs, goals, and IT infrastructure considerations. It's recommended to assess the benefits, limitations, and potential impact on your existing environment before proceeding with any domain-joining activities.

 

If I have answered your question, please mark your post as Solved
If you like my response, please give it a like
Thank you Shijiraj.

Please understand that currently we don't have any on premises AD, just running couple of Windows Server with Azure pay as you go subscription, planning to move to EA subscription, and create couple of Windows brand new servers there then migrate the applications from pay as you go to EA subscription.

1. Is this mandatory to bring in Azure ADDS for this situation or any other viable solutions?

Please advise the right guidelines.

Thanks.

f you are planning to move from a Pay-As-You-Go (PAYG) Azure subscription to an Enterprise Agreement (EA) Azure subscription, it is not mandatory to join/register your domain to Azure Active Directory Domain Services (Azure ADDS) unless you need to leverage the domain services provided by Azure ADDS.