Azure Active Directory

From what I can find with a quick search is that it is Active Directory Services but not for company LAN/WAN. It is for Cloud based authentication. It is now a part of Microsoft Entra, Secure access for a connected world.

I think you're right. My idiot customer thinks he can go all cloud based to replace his local server.

Exactly like my “idiot customer” I warned him, but whining and moaning was great when his Internet went down for half a day. They could not do anything anymore in their office.

Hans

4G backup is essential.. but still doesn't help you if the 'service' goes down...

Huh ? I'm pretty sure that I have multiple customer with Microsoft Entra and that's exactly what you can expect from an Active Directory in the "cloud".
And there is an hybrid approach with an on-prem server to speed up things and act as a failover in case of internet outage.
But according to my customer, it's a mess and Microsoft is constantly changing the names of services, so it's hard to keep track.

I'm still unclear on what Azure can and can't do.

Can it act as a domain server?
Or a DHCP server?

I understand it can function as a file server but I already have my customer set up on SharePoint for most file sharing Only financial records are kept on the local server.

I found my answer. This is getting interesting. Perhaps I need to learn it.




AI Overview
Yes, Azure can be used as a domain server. You can host a domain controller in Azure using virtual machines (VMs) running Windows Server, or you can utilize Microsoft Entra Domain Services, a managed service offering a domain controller experience without the need for individual VM management.
Here's a breakdown:
1. Hosting a Domain Controller on Azure VMs:

• You can create Windows Server VMs in Azure and configure them as domain controllers, extending your existing on-premises Active Directory or creating a new one in Azure.
• This involves setting up the VMs with appropriate network configurations, installing Active Directory Domain Services (AD DS), and configuring them as domain controllers.
• You'll need to manage and maintain these VMs, including patching, updates, and backups.

2. Microsoft Entra Domain Services (Azure AD DS):

• Azure AD DS is a managed service that provides a domain controller experience without the need to manage individual VMs.
• It offers features like domain join, group policy, LDAP, and Kerberos/NTLM authentication.
• You can integrate Azure AD DS with your existing Azure AD tenant, allowing users to log in with their existing credentials.
• It simplifies the process of using domain services in Azure, as Microsoft handles the underlying infrastructure and maintenance.

In essence, you have two primary options:

• IaaS (Infrastructure as a Service) approach:
  .
  Create and manage your own domain controllers as VMs in Azure (similar to an on-premises setup).
• PaaS (Platform as a Service) approach:
  .
  Use the managed Microsoft Entra Domain Services for a simplified and scalable domain controller experience.

The choice depends on your specific needs and infrastructure requirements. If you prefer a hands-on approach and have specific customization needs, the IaaS option might be suitable. If you want a managed service and simplified administration, Azure AD DS is a good choice, according to Microsoft.

• Microsoft Entra Domain Services (Azure AD DS)
  Microsoft Entra Domain Services (formerly Azure Active Directory Domain Services), part of Microsoft Entra, enables you to use man...
  Microsoft Azure
• On-prem Domain Controller or Azure Domain Controller?
  May 26, 2020
  
  Spiceworks Community
• Deploying Domain Controller in Azure | Best Practices
  Apr 16, 2023 — Domain controllers are fundamental to any Windows-based networking infrastructure, providing centralized authenticatio...
  
  Terminalworks