Question related to Azure Domain Services and on-premise domain
I have an on-premise domain called "mydomain.com". I'm wanting to extend this domain to Azure via active directory domain services. When setting the ADDS in azure, should I use a different domain name such as "azure.mydomain.com" or use the same one as my on-premise "mydomain.com"?
Also, does this configuration require a VPN connection via the gateway or can on-premise domains be extended to Azure over the public internet?
Another question relates to if the free Azure AD is needed for this type of deployment or do you have to use Azure Domain Services in addition to the free Azure AD provided by the tenent?
I have an on-premise domain called "mydomain.com". I'm wanting to extend this domain to Azure via active directory domain services. When setting the ADDS in azure, should I use a different domain name such as "azure.mydomain.com" or use the same one as my on-premise "mydomain.com"?
Azure AD Domain Services provides managed domain services seamlessly regardless of whether your Azure AD tenant is cloud-only or synced with your on-premises Active Directory.
For the domain name in AADDS, you have many choices:
- Built-in domain name: By default, the wizard specifies the default/built-in domain name of the directory (with a .onmicrosoft.com suffix) for you.
- Custom domain names: You can also type in a custom domain name.
- Non-routable domain suffixes: We generally recommend avoiding a non-routable domain name suffix.
- Domain prefix restrictions: The prefix of your specified domain name (for example, contoso100 in the contoso100.com domain name) must contain 15 or fewer characters.
- Network name conflicts: Ensure that the DNS domain name you have chosen for the managed domain does not already exist in the virtual network.
If you just want to extend your on-premise domain to the Azure, you don't need to use AADDS to make this, you could just use Azure AD Connect to sync your on-premise domain to the Azure. Because if you want to use AADDS, you also need to sync the on-premise to the azure.
Also, does this configuration require a VPN connection via the gateway or can on-premise domains be extended to Azure over the public internet?
The process of configuration doesn't require a VPN connection, it just uses the Azure AD Connect to do the synchronization.
Another question relates to if the free Azure AD is needed for this type of deployment or do you have to use Azure Domain Services in addition to the free Azure AD provided by the tenent?
The AADDS needs a subscription when you configure it, there is no requirement about the AAD.
- Azure AD B2C error AADB2C90057 when I am NOT trying to use the implicit flow
- “That Microsoft account doesn’t exist” for Microsoft logins on Auth0
- You don’t have authorization to perform action 'Microsoft.Resources/deployments/validate/action'
- .Net Core - Use AzureAD/EntraID Authentication to Access Azure DevOps REST APIs
- How to use stored procedure parameters as dynamic content in copy activity using ADF
- Issue with Azure Automation Account and Key Vault Certificate Retrieval
- OpenAI remove key access while using AAD authentication
- Azure Tenant setup for .NET Blazor WASM calling Web API + Microsoft Graph
- Add tenant specific roles in Azure AD multitenant app
- Allow App Service to be called by just a test user and another App Service using a system assigned managed identity
- How to automatically refresh access token
- Access Token Issuer from Azure AD is sts.windows.net Instead Of login.microsoftonline.com
- How to get user's attributes from Identity in Blazor Server with organization authentication
- Correlation failed in net.core / asp.net identity / openid connect
- I'm unable to Login to VM with Azure AD user credentials
- I need to add co-organizer in teams meeting through graph api
- MSAL for non-SPA? Server side authentication?
- Entra ID - Adding actor claim to the token via client credential flow
- Roles for a SPA and API setup in Microsoft Intra ID
- Getting a token from Microsoft Intra ID with PostMan using MFA
- Unable to patch businessPhones of Entra External ID user, Insufficient privileges to complete the operation
- Add Azure Active Directory User to Azure SQL Database
- How to create dynamic groups in AzureAD/EntraID from a csv import?
- Creating a user in Azure AD B2C through Microsoft SSO
- Azured AD JWT authentication doesn't work for Web API hosted in docker using TestContainer
- How do I connect locally to Azure SQL database with Microsoft Entra ID registered app in C#?
- How to fix 'Unable to Obtain Authentication Token' in Active Directory Authentication to Azure Analysis Server
- Error OrganizationFromTenantGuidNotFound and 401 Unauthorized when Sending Email via Microsoft Graph API in React App
- Fetch employee id from from job description properties .NET 8
- How to check if a device is AD joined or Azure AD joined/registered?