Customer has different locations with different local domains. They use AD Sync Connect to sync the identities from the local Domains to AAD and with the AADDS they sync the identities back to the “aadds.contoso.de”.
Their Project Goal is to shutdown the local domains to have “One Network” with SSO and the Same identity. For that they need to change every workload authentication to the AADDS.
Right now, they are migrating every Workstation for the Users to the AAD with Endpoint manager and local file storages to SharePoint Online if possible. If the migration to SPO didn’t work they recreate the security groups and assign them to the file storage in the AADDS.
The Customer also develops software on each location which is secured by an internal CA, which does the autorenewal etc. However, they need a “modern” Way to store, create, renew and assign certificates but they don’t want to create a new CA in the AADDS.
What is the best way to manage certificates in Azure?
Can they create certificate in AADDS?
Can they achieve it through Azure Key Vault?
Any pointers would be of great help! Thanks in advance!