I'm designing a solution that has a PaaS management service, which receives data from linux/windows VM servers in Azure. These servers are domain joined using ADDS. I don't have ADFS in the mix, and ADDS and Azure AD are not federated.
The ask: I'd like my users to have the same identity (username and password) as that in the ADDS.
What would be the most appropriate way to authenticate users against the PaaS management service? Using Azure AD and then establish federation with ADDS?
Any better thoughts?