Move to Azure with a single or multiple domain controllers
What happens when you have a single or multiple domain controllers and move to Azure?
Before we dive into the answer, we need to understand the bigger picture, so we’ll start by talking about identity and Active Directory (AD). Active Directory is the on-premises directory service that authenticates users and authorizes their access to resources.
In the legacy world
In the legacy world, a given company would have a central directory holding a username and a credential (a password hash) for each user who needed access to resources. What happened if that company acquired another company? It now had multiple forests and domains, each with its own set of users and credentials, because the acquired company also had an Active Directory of its own.
The common approach was a migration project: move the accounts from the acquired AD into the acquiring AD and consolidate everything into one directory. This is how Active Directory mergers and migrations were typically performed.
With the introduction of the cloud and Microsoft 365 (formerly Office 365)
With the introduction of the cloud and Microsoft 365, Microsoft offers a mechanism that synchronizes on-premises accounts to the cloud so that users keep the same username and password. A tenant is the Microsoft 365 / Azure AD directory you sync into. The sync component is Azure AD Connect (now called Microsoft Entra Connect), which runs on a server in your network and keeps user objects in the tenant up to date. With password hash synchronization it does not send the password itself: it takes the existing on-premises password hash, salts and re-hashes it, and syncs that value. Pass-through authentication and federation are the alternatives if you do not want any password material in the cloud.
There are some important caveats and rules to keep in mind. If you would like to synchronize multiple companies (multiple AD forests) under a single tenant, the Azure AD Connect server needs network connectivity to a domain controller in every forest and a read-only account in each of them (write permissions only if you enable writeback features). The forests do not have to trust each other for the sync itself to work. What must hold is that every user exists only once across all forests and that attributes such as userPrincipalName and proxyAddresses are unique tenant-wide, because duplicates cause sync errors.
Once that connectivity and attribute hygiene are in place, Azure AD Connect can take the usernames and password hashes from every forest and sync them to the single tenant.
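As an added example (not part of the original post or of any Microsoft tooling), the following PowerShell pre-flight check covers the two requirements just described before one Azure AD Connect server is pointed at several forests: TCP reachability to a domain controller in each forest, and UPN / mail collisions across forests that would fail to sync into a single tenant. The forest names and DC hostnames are assumptions for illustration; it uses the ActiveDirectory RSAT module and runs from the machine you intend to install Azure AD Connect on.

```powershell
# Added example, not from the original post. Forest names and DC hostnames are assumed.
#Requires -Modules ActiveDirectory

$Forests = @(
    @{ Name = 'contoso.com';  Dc = 'dc01.contoso.com' }    # acquiring company (assumed)
    @{ Name = 'fabrikam.com'; Dc = 'dc01.fabrikam.com' }   # acquired company (assumed)
)

# 1. Reachability from the future Azure AD Connect server: LDAP (389) and Global Catalog (3268).
#    No forest trust is needed, but these ports must be open to at least one DC per forest.
foreach ($f in $Forests) {
    foreach ($port in 389, 3268) {
        $ok = (Test-NetConnection -ComputerName $f.Dc -Port $port -WarningAction SilentlyContinue).TcpTestSucceeded
        '{0,-20} tcp/{1,-5} {2}' -f $f.Name, $port, $(if ($ok) { 'reachable' } else { 'BLOCKED' })
    }
}

# 2. Pull enabled users from every forest with the attributes that must be unique tenant-wide.
$users = foreach ($f in $Forests) {
    Get-ADUser -Server $f.Dc -Filter 'Enabled -eq $true' -Properties mail, userPrincipalName |
        Select-Object @{ n = 'Forest'; e = { $f.Name } }, sAMAccountName, userPrincipalName, mail
}

# 3. Report collisions. A UPN or mail value present in two forests maps to one cloud identity
#    and will be flagged as a duplicate-attribute error by the sync engine.
function Find-Duplicates($Property) {
    $users | Where-Object { $_.$Property } | Group-Object $Property | Where-Object Count -gt 1 |
        ForEach-Object {
            $owners = ($_.Group | ForEach-Object { "$($_.Forest)\$($_.sAMAccountName)" }) -join ', '
            'Duplicate {0} "{1}": {2}' -f $Property, $_.Name, $owners
        }
}
Find-Duplicates 'userPrincipalName'
Find-Duplicates 'mail'

# 4. Every UPN suffix in use must be a verified domain in the tenant, otherwise those users
#    sync with a tenant.onmicrosoft.com UPN and their sign-in name changes.
'UPN suffixes in use:'
$users | ForEach-Object { ($_.userPrincipalName -split '@')[1] } | Sort-Object -Unique
```

Run it before installing the connector and fix what it reports in the source forests (or with Microsoft's IdFix tool); the sync engine will not merge two on-premises users into one cloud account on its own, it simply errors on the second one.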
If you have any questions regarding your move to Azure, don’t hesitate to contact us, our Microsoft certified experts are here to help.