Promo Active directory hosted on Azure to on-premises

  • Question

  • Good afternoon.

    We currently have a customer that has an Active Directory in Windows Azure.

    Between the customer and Azure there is a VPN connection.

    My idea is to run DCPROMO to have that Active Directory in my local installation and replicate between Azure and local, and local and Azure (bidirectional). Is this possible?

    Thanks


    chocoloco

    Thursday, January 12, 2017 4:11 PM

All replies

  • Hi,

    Every Azure subscription is built from an Azure AD tenant; this tenant can be populated with users by syncing from local AD servers with the Azure AD Connect tool. This Azure AD is used to authenticate users with SSO to their SaaS applications (O365, Intune, Azure, ...).

    If you need to have your applications on Azure VMs authenticate against AD, then:

    - Install an IaaS VM and configure it as any other DC (think about Sites/Services and putting AD data on a data drive without caching; surely don't leave it on the OS drive, as this has read/write caching enabled and AD doesn't like that).

    - Use Azure AD Domain Services. This is a PaaS service, which means you don't have to install DCs in Azure, but you will still be able to domain join your Azure VMs to that service and make use of the AD functionality like with a normal DC.

    Hope this helps

    Cheers
    Christophe


    Azure Fanatic! www.cloudcrusader.com




    Thursday, January 12, 2017 8:14 PM
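The first option in the reply above (a DC on an IaaS VM with the AD database on an uncached data disk), sketched in PowerShell as an added example that is not part of the original thread. The resource group, VM name, domain, site name and drive letter are hypothetical placeholders, and the first function assumes the Az PowerShell module on a management workstation.

```powershell
# Added example; every name passed to these functions is a placeholder.

# Run from a management workstation (Az module, already signed in).
# Returns data disks whose host caching is NOT 'None'; AD data must not
# sit on a disk with read/write caching.
function Test-DcDiskCaching {
    param([string]$ResourceGroup, [string]$VmName)
    $vm = Get-AzVM -ResourceGroupName $ResourceGroup -Name $VmName
    $vm.StorageProfile.DataDisks |
        Where-Object { $_.Caching -ne 'None' } |
        Select-Object Name, Lun, Caching
}

# Run on the Azure VM itself, elevated. Promotes it to an additional DC
# with NTDS and SYSVOL on the data drive instead of the OS drive.
function Install-AzureReplicaDc {
    param(
        [string]$DomainName,   # e.g. 'corp.example.com' (placeholder)
        [string]$SiteName,     # AD site that contains the Azure subnet
        [string]$DataDrive     # e.g. 'F:' (uncached data disk)
    )
    # Refuse the OS volume: it has read/write host caching enabled.
    if ($DataDrive.TrimEnd('\') -ieq $env:SystemDrive) {
        throw "AD data must not be placed on the OS drive ($env:SystemDrive)."
    }
    if (-not (Test-Path "$DataDrive\")) {
        throw "Data drive $DataDrive is not present or not formatted."
    }

    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    $promo = @{
        DomainName   = $DomainName
        SiteName     = $SiteName
        InstallDns   = $true
        DatabasePath = "$DataDrive\NTDS"
        LogPath      = "$DataDrive\NTDS"
        SysvolPath   = "$DataDrive\SYSVOL"
        Credential   = Get-Credential -Message 'Domain admin for promotion'
        # DSRM password is prompted for, never stored in the script.
        SafeModeAdministratorPassword =
            Read-Host -AsSecureString -Prompt 'DSRM password'
    }
    Install-ADDSDomainController @promo
}
```

An empty result from `Test-DcDiskCaching` means no data disk on the VM has host caching enabled; run it before calling `Install-AzureReplicaDc` on the VM.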