Our organization is planning to establish a new AD server in the cloud to manage our local machines' sign-in/sign-out and policy settings. We do not have any existing on-premises AD server. As far as I understand, we have two plans:

1. Create a new Azure AD DS server only.
2. Create a new Azure AD DS server and an on-premises AD server, and establish a syncing system between the two servers.

I think (1) is suitable to reduce our maintenance cost, but if there is any problem with (1), we will think about plan (2).
This example shows two design patterns, but neither of them is suitable for our company, since we currently do not have any virtual machines on Azure. We would just like to establish an Active Directory server in the cloud to manage our local machines.
Are there any best practices?