1

Is it possible to have Azure AD authentication for all users in an office, yet have them use the same credentials to access local servers? If so, how would I set that up?

A little background: We are trying to move as much of our infrastructure to the cloud as possible but some servers need to remain on premises.

Thanks.

takesides
  • 101
  • 1
  • 10
  • Do you have on-prem AD? – Jason Ye Jul 26 '17 at 01:52
  • At the moment yes, but running 2003 R2 servers. I am going to be upgrading the whole site to 2016 and wondering if maybe the thing to do is take AD authentication into the cloud and just have file servers local. – takesides Jul 26 '17 at 08:04

1 Answers1

2

Is it possible to have Azure AD authentication for all users in an office?

According to your description, you want to move as much of your infrastructure to the Azure, I think we can use Azure AD + on-prem AD + Azure AD domain service to manager users, in this way, we should keep your on-prem AD still on-prem, then users can use they original account to access local file server and VMs on Azure.

we can use Azure AD connect to connect Azure AD and your on-prem AD, AD connect will sync your on-prem user accounts to Azure AD, then Azure AD will sync those accounts to AAD DS. In this way, your local file server can be access via those accounts, and your VMs on Azure will join Azure AD DS, users can use those accounts to access the VMs on Azure.

Another way, we can setup a VPN between on-prem and Azure, move your on-prem AD to Azure (Azure VM), then join other Azure VMs to this AD(online). Then it works like on-prem. We can via VPN to access your local and online resource.

Jason Ye
  • 2,399
  • 1
  • 8
  • 10
  • Just want to confirm the current situations. Please feel free to let me know if you need further assistance. – Jason Ye Jul 27 '17 at 06:23