Can we use Azure Active Directory to remove local Domain Controller?

Copper Contributor

Dear all,

 

I have done some research and I cannot get a straight answer so far.

 

I am aware of Azure active directory domain services . But I wonder if it or anything Microsoft Azure has can delete or remove a local Domain Controller?

 

By local I presume it means on-premise?

 

Please advise.

 

Thank you very much.

 

4 Replies

Azure Active Directory can be used to replace your on premises domain controllers. If you are simply looking to use it as an identity provider you can use the basic tier. If you are looking for a MDM or MAM solution you need to purchase some additional licencing to use Intune. To unlock some of the other features you may also need to purchase Azure AD Premium tier 1 or 2. Azure active directory domain services currently has a limitation of bringing your current domain into that service. You have to provision a new domain meaning a migration. The last option you could look at is putting a domain controller in Azure and setup a VPN.

 

Let me know if you have additional questions and I would be happy to guide you to the right place. 

 @gough2 

@Bryan Haslip 

 

Hi Bryan,

Thank you very much for your quick response.

I wonder with a hyrbrid structure in place, (i.e. part Azure and part on-premise Active Directory) , if there is a way for Azure Active Directory to delete a local (on-premise) Domain Controller?

Please advise.

Thank you very much.

Azure active directory is not a direct replacement for you on premieres AD. If you have no need for some of the traditional features such as GPO's, Azure AD may be a good fit for a replacement. It really depends on what the important features you want to retain. Could you possibly list out the functionality you are looking for? Then I can help list out what might be the best course of action. @gough2 

Considering the following scenario:

 

- (1) Site in one country with Local Domain Controller and several remote workers in another country

 

What is the best Deployment (HA) option using Azure:

- We have an active VM in Azure with an AD connected and synchronized with the Local Domain Controller through a VPN Site-Site connection?
- We have an active VM in Azure with an AD and connected to the local Site through a Site-Site VPN and eliminate the Local Domain Controller?

 

In any of the options:

- How it would be the handling of remote users

@Bryan Haslip