Hybrid environment and two IT providers

Not sure how to explain this issue without writing an essay, but I will give it a try.

Customer "A" is changing their CSP partner to a new IT provider. Circumstances make it necessary to leave a part of the old environment behind. One part of the environment is on prem at the old provider's data center; among other resources there is an SQL database in the on prem domain (common domain containing several customers), and the other part, also an SQL server, is in Azure. The server in Azure is domain joined in the common on prem domain. The on prem SQL uploads data to the SQL in Azure and there is a VPN connection. The new CSP partner is taking over the tenant and moving all users to a new hybrid environment (Azure AD Connect). There is a site2site VPN between the two providers' data centers and DNS forwarding. Is it possible to keep the old environment, meaning not touching the SQL server in Azure and leaving the full responsibility of that server to the old provider? Secondly, what other issues can this (messy) environment cause? The users will need to authenticate with the old provider's domain users when using the services, but I can't shake the feeling that we are missing something important...
1 Reply

@carinas

What I understood is that there will still be the old OnPremise stuff with the SQL Server and a Classic ADDS Service, right?

There is a Tenant with an Azure AD that will be managed by another Provider in the future, right?

Or will there be a new Tenant with a new Azure AD and all Resources will be moved to the new Tenant?

The Azure AD of the Tenant is filled with what Identities? The ones from the existing OnPremise Domain or Cloud Only Users or maybe a totally different Domain?

The change of control of the Azure Tenant should be no problem at all. The old OnPremise stuff could stay untouched.

Very important is communication of all involved parties, so the OnPremise Provider and the Azure Tenant Admin Provider, as they are connected in the direction of Network and Identities.

Hope this was a bit helpful.

Kind Regards, Peter