locked
Join on-prem server to Azure AD

  • Question

  • Hello,

    we are trying to bring our education section to the Cloud and we also have some Windows Servers.

    In order to have SCCM working with all parts, it is necessary to join a domain.

    Because we won't have a full-blown on-prem AD with Azure sync, we would like to have the servers in Azure AD. For this we activated Azure AD Domain Services, which is working fine with Azure VMs. But now the question is what is the best way to implement this. The easiest seems to me to be with a Site-to-Site VPN.

    Regards

    Thursday, April 5, 2018 7:48 PM

All replies

  • AAD DS is not really for on-premises machines, it's for cloud-hosted servers. Local machines will scan the network for a domain controller and if one is not found then they will use local resources. So, given AAD DS is not on the same network as you, the machines won't find the service. At best you would need ExpressRoute so that you can have a Layer 2 connection to AAD DS, but this will come with a lot of work.

    The best solution in your scenario will be to install a new Active Directory forest on an Azure virtual network. You can configure a site-to-site VPN and then either install a new forest or extend an on-premises forest to an Azure virtual network.

    ---------------------------------------------------------------------------------------------------

    Do click on "Mark as Answer" on the post that helps you, this can be beneficial to other community members.

    • Proposed as answer by Ajay Kadam Friday, April 6, 2018 3:09 AM
    Friday, April 6, 2018 3:08 AM
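
A pre-join check for the site-to-site VPN option discussed in the reply above, run on the on-prem server once the tunnel is up. This is an added example, not part of the original thread: it confirms the server can locate a domain controller through DNS and reach it over the VPN. The domain name `corp.example.com` is a placeholder, and the port list is the usual TCP set for a domain member, assumed here rather than taken from the thread.

```powershell
# Added example: pre-join check for an on-prem server that should join a
# domain hosted on an Azure virtual network behind a site-to-site VPN.
# 'corp.example.com' is a placeholder, not a value from the thread.
param(
    [string]$Domain = 'corp.example.com'
)

# TCP ports a member server needs to reach on a domain controller
# (assumed common set): DNS, Kerberos, RPC endpoint mapper, LDAP, SMB.
$ports = 53, 88, 135, 389, 445

# Windows locates domain controllers through this DNS SRV record.
$srvName = "_ldap._tcp.dc._msdcs.$Domain"
try {
    $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' }
} catch {
    Write-Error "Cannot resolve $srvName. Check that this server uses the domain's DNS servers across the VPN."
    exit 1
}
if (-not $srv) {
    Write-Error "No SRV records returned for $srvName."
    exit 1
}

# Test every required port on every domain controller the record names.
$results = foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
    foreach ($port in $ports) {
        $t = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $dc
            Port             = $port
            Reachable        = $t.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize

# Any unreachable port points at a VPN route, NSG or firewall rule to fix
# before attempting the join.
$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning "$($blocked.Count) port check(s) failed. Review VPN routing and firewall rules."
    exit 2
}
Write-Output "All domain controllers for $Domain are reachable on the required ports."
```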