Dec 23 2016
- last edited on
Jan 14 2022
We are a small shop and have moved pretty much everything to Azure except our on-premise AD which we only use for user authentication. We have users that were created in on-prem AD and synch to Azure AD / Office 365 with Azure AD connect.
What is the procedure for moving them completely off of on-prem AD and decomissioning our AD controller?
Dec 23 2016 11:27 AM
Depends on your goal/expectations. Azure AD is not a real AD, it cannot fully replace your on-prem AD as it lack features such as OUs and GPOs for example. You most likely have some on-prem applications that relies on AD, even if you have ditched the file servers. For such situations, a more suitable approach is to use Azure AD Domain Service. I'd sugges you familiarize yourself with the limitations of Azure AD and AD DS for that matter, before commiting to such a step.