question

LisaLownds-9214 avatar image
0 Votes"
LisaLownds-9214 asked ·

Schema extensions

Folks,
I have a couple of questions about AADDS:

  1. Does Azure Active Directory Domain Services (AADDS) support custom schema extensions?

  2. Would you describe AADDS as a globally shared AD Forest with a managed domain for my org?

Lisa



azure-active-directoryazure-ad-domain-services
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ShashiShailaj-MSFT avatar image
1 Vote"
ShashiShailaj-MSFT answered ·

Hello Lisa ,

Please find the answers. Azure AD domain services is a managed Active Directory instance with the main goal to provide Legacy authentication capabilities (for legacy apps which use Kerberos , NTLM) in the cloud so that anyone who would like to completely migrate to Azure and remove on-premise active directory could life and shift the on-prem application servers as is , and have the benefits of legacy auth protocols in the cloud. So as for your answer , please find the below.

  • Does Azure Active Directory Domain Services (AADDS) support custom schema extensions
  • Would you describe AADDS as a globally shared AD Forest with a managed domain for my org?

    • Not exactly . Each instance is unique to one customer and part of a larger globally shared AD in the backend. Whenever you enable Azure AD domain services, a new restricted Domain Controller for the domain name you have provided during initial configuration , is created. The difference from on-premise AD is that you do not get complete flexibility to change and modify the domain controller settings as you would be able to do in your on-prem Domain controller. This is because it was never created for making it a feature-by-feature replacement for on-premise AD. If you require completely similar control in the cloud then we suggest you to create Azure VMs and promote them to domain controllers . You may have to setup a site-to-site VPN for the same between your on-prem location and the Azure using Azure gateway / Azure VPN.

Hope this clarifies your queries. I have added some links to my answer , please check the same. Also I would encourage you to go through the complete FAQ for the Azure AD domain Services and I am sure a lot of your queries could get answered automatically. In case the above information in the post helps you , please do mark it as answer so that it can help others in the community searching for same answers.


Thank you.


· 1 · Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

ShashiShailaj-MSFT avatar image ShashiShailaj-MSFT ·

@LisaLownds-9214 Please let us know if the above answers your query. In case it dos , please do mark it as answer . In case you have any related query , we will be happy to help . for any other issue we would request you to open a new thread and we will gladly help you.

0 Votes 0 · ·