Azure Active Directory Domain Services on premises Domain Join

Question

Please note this question is about Azure Active Directory Domain Services - https://azure.microsoft.com/en-gb/documentation/services/active-directory-ds/

Not the similarly named Azure Active Directory - https://azure.microsoft.com/en-gb/services/active-directory/

If I have an Azure site-to-site VPN to the vnet on which Azure Active Directory Domain Services is installed can I join an on premises server or client to the Azure Active Directory Domain Services domain.

Bruno Faria · Accepted Answer · 2015-12-02T17:37:14.803

3

The simple answer is Yes.

Few limitations comes to my mind:

It's preview, therefore, not covered by SLA
Only support Flat OUs
Only support simple GPOs
It's a stand-alone managed domain, not an extension (can't add as new DC in an existing domain/forest)
Does not support trust relationships
Since it's managed by Azure ADDS, you don't have Domain Admin or Enterprise Admin privileges

edited Dec 02 '15 at 17:37

answered Dec 02 '15 at 17:06

Bruno Faria

3,814
1
13
18

Thanks for the answer, it's a real shame you can't just add it to an existing domain and use standard DC replication to populate it. – Christopher Edwards Dec 02 '15 at 20:54
You have to use Azure AD Connect to replicate on-premises to Azure AD. All objects in AAD will be available to AADDS. – Bruno Faria Dec 02 '15 at 23:04

Azure Active Directory Domain Services on premises Domain Join

1 Answers1