Create a Site-to-Site Virtual Private Network (VPN) between the cloud firewall and your office firewall. If you want to move all of the servers out of your office spin up a VM for your DC in Azure and deploy a cloud firewall in front of your VM.For clients that will be used in other locations join those computers to AAD and install AAD Connect in the DC. If the clients are in a single location and will always be in the same location as the DC then join them to the domain regularly.There are a few right ways to do this and I will give you two. So if you have workstations and laptops joined to AAD and they try to access a share on a server that is in a different domain than what AAD synchronizes with you are going to need to provide credentials that exist in the server which hosts the resources you are trying to access. AAD then validates that authentication request against the information synchronized from AD. When a computer joined to AAD logs in it sends the login request to AAD. That creates an account in AD that synchronizes accounts and passwords with AAD. That DC has Azure Active Directory (AAD) Connect installed and configured on it. You still need a DC (a virtual machine (VM) in the cloud or a physical server).
That is an incorrect understanding of Azure. Essentially you are expecting to be able to get rid of your on premise domain controller (DC) because you can join you laptops and workstations to Azure.
0 kommentar(er)
