The only option you have for AAD being the source of truth, rather than AD, is to use Azure AD Domain Services, which provides domain controllers as a PaaS service. However, AAD DS has some fairly significant limitations, so it may not work for you.
Other than that, AD will always be the source of truth.