User Profile
DerrickFl
Copper Contributor
Joined 9 years ago
Recent Discussions
Azure Active Directory Domain Services On-premises workstation Join

Hello,

Just a quick one. I know this might not be something new, but I was wondering if anyone can help.

Scenario: Company A is a startup company that wants a cloud-only infrastructure with Office 365 and Azure. They don't want to build on-premises servers, only workstations to be used by the employees. They have 3rd-party apps but do not really require AD authentication.

So, here are the questions:

1. If we use AAD DS, can they join workstations on-premises without even building a domain controller locally?
2. If yes, do they need a site-to-site VPN for this?
3. As for integration with Office 365, can they have a single identity using AAD DS? What about dirsync, is it still required? Hybrid is not an option for them.
4. As for the AAD DS, is this already available in ARM?

I have checked the following articles, but it seems I still need more input based on specific scenarios. Any help is greatly appreciated.

https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-overview
https://blogs.technet.microsoft.com/markrenoden/2016/06/10/using-azure-active-directory-domain-services-with-arm-vnets/

Thank you

Solved · 35K views · 1 like · 9 comments

Re: Azure Active Directory Domain Services On-premises workstation Join

Hi Loryan, Vasil and Sid,

Thank you so much for your replies and inputs; I really appreciate it. I have been reading and also just wanted to validate my understanding of Azure AD DS.

Based on what you guys mentioned, it seems like Company A needs to have a local AD domain controller on-premises and extend it to Azure depending on the requirement, in order to have full enterprise directory capabilities such as GPOs etc., just like the traditional directory service on Windows Server. So I think the way to go here is to build S2S VPN connectivity to Azure from on-premises, build Azure ADDS VMs, and have the workstations join the domain. If connecting to Office 365, then a Dirsync server running AAD Connect should also be built in Azure as an IaaS VM and have it synchronize to Azure AD.

Josh Villagomez

Hello Josh,

Thank you for providing your input on the matter. Hopefully in the future, MS will offer a full standalone enterprise directory service in Azure, just like the traditional LDAP directory service in Windows Server, without even building servers on-premises. In that way, we would be able to address customers that are cloud-only organizations, especially those that do not have plans for refreshing server hardware. Azure ADDS is also a good offering, especially for customers that are running Azure workloads already.

Again, thank you guys for your responses.

34K views · 0 likes · 3 comments