Azure AD setup for branch offices


  • We’re trying to come up with a plan to set up 2 existing remote branch offices, each with their own on-prem server, that would sync with a virtual server in Azure so we can centrally manage them (plus more as it will grow) and deploy GPOs from the Server VM in Azure. Sort of a hybrid environment. So far, we have a Server 2012 R2 VM in Azure and MDM and Intune set up. With this alone I was able to join a VM on my local network to the Azure AD but cannot find the object for that computer on the VM in Azure. I am definitely missing some pieces to the infrastructure.

    I’ve started watching an online course on how to set up Active Directory in Azure but I’m confused. First off, they discuss setting up a Site to Site VPN between the virtual network in Azure and the local network on site and that the local network cannot be behind NAT. Not sure how that’s possible as Site 1 and Site 2 will be behind a SonicWall firewall (NAT), so how would that work?

    Also, is the VPN from Azure to the on-site network necessary or can we just install Azure AD Connect sync?

    This is my first experience with Azure so any help is appreciated.

    Friday, April 7, 2017 2:18 PM

All replies