Jay, nothing about my comments is "trolling." What do you not understand about "MS-Managed Azure AD DCs" do not allow anyone to be a "full domain admin?" I would think you would know that. Again, we are as high of "domain admin" as is possible in a Pure Cloud/Azure environment with ONLY Microsoft-managed DCs. In other words, we have none of our own VMs as DCs and it's Pure Azure; using only their 'pre-provisioned / pre-defined' DCs. Believe me, I already would have extended the schema and, again, this is where you and others are "leaving us out." Unless Microsoft themselves (they're the ONLY domain admins on 'MS Managed DCs') extend the schema on all MS Managed DCs, there's no way we can take advantage of those features, since we'll never use Intune, we have zero on-premise DCs, we're not hybrid and we do not have any custom VMs that are DCs; we use only the pre-defined MS-managed DCs. So again, I'm asking for true help - can someone please tell Microsoft to extend the schema on their own MS-managed DCs that I'm sure many of us use. I don't appreciate the condescension, fyi - and I do apologize if you took any of my comments that way - I've read all the 3rd-party AND Microsoft documentation and they have NOT covered this specific scenario, where a company does not have the ability to extend the schema. We do not want to set up a hybrid environment. Thanks in advance.