We're looking at going "cloud only" using Azure Files to replace the last of our on-prem file servers (and therefore the legacy domain).
I have set up the storage account and can access it via name/secret key from a local device.
I'd like to integrate full NTFS permissions, so I have set up AADDS (cloud only).
I can successfully authenticate an Azure VM to the share using NTLM to access the files.
My next objective is to expand this functionality to our workstations. From what I have read, I believe a VPN would be required to enable the authentication requests to AADDS, therefore joining the workstations to the Managed Domain.
My questions:
Is this the only approach I can take to achieve this goal?
Which VPN would be the most appropriate, assuming staff want the flexibility of in-office and WFH?
Anything else I should be aware of before I implement this?
Thanks in advance for any advice
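As an added illustration (not part of the original post, and not code from the poster), the script below shows the checks a workstation needs to pass before identity-based access to an Azure Files share can work, and contrasts the storage-key mount described above with a mount that uses the logged-on domain identity. The storage account name, share name and resource group are placeholders, and the `Set-AzStorageAccount` step assumes the Az.Storage module is installed and you are signed in with `Connect-AzAccount`.

```powershell
# Added example: prerequisite checks and identity-based mount for an Azure Files share.
# All names below are assumptions for illustration, not values from the original post.
$ResourceGroup  = 'rg-files'            # assumed resource group
$StorageAccount = 'contosofiles'        # assumed storage account name
$ShareName      = 'dept'                # assumed share name
$Endpoint       = "$StorageAccount.file.core.windows.net"

# 0. (Run once, as an admin with Az.Storage) enable AADDS authentication on the account.
#    Until this is on, only the storage key works and NTFS permissions cannot be applied.
# Set-AzStorageAccount -ResourceGroupName $ResourceGroup -Name $StorageAccount `
#     -EnableAzureActiveDirectoryDomainServicesForFile $true

# 1. SMB needs TCP 445 to the storage endpoint. Many residential ISPs block 445,
#    which is one reason WFH clients are usually routed over a VPN rather than
#    straight to the public endpoint.
$tcp = Test-NetConnection -ComputerName $Endpoint -Port 445
if (-not $tcp.TcpTestSucceeded) {
    throw "TCP 445 to $Endpoint is blocked from this network; identity-based SMB access cannot work here."
}

# 2. Identity-based access requires the workstation to be joined to the managed
#    domain (so its user can obtain a Kerberos ticket / NTLM challenge response
#    that AADDS can validate). Check the join state before trying to mount.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    throw "Machine is not domain-joined (current domain: $($cs.Domain)); only the storage key would work, and NTFS ACLs would not apply."
}

# 3a. Weak pattern: the storage account key is a shared secret that grants full
#     access to the whole account and bypasses NTFS permissions entirely.
#     (Shown commented out for contrast; do not distribute the key to workstations.)
# cmdkey /add:$Endpoint /user:AZURE\$StorageAccount /pass:<storage-account-key>

# 3b. Preferred pattern: mount with the current user's domain credentials.
#     No secret is stored on the client; access is governed by share-level RBAC
#     plus NTFS ACLs on the share.
New-PSDrive -Name Z -PSProvider FileSystem -Root "\\$Endpoint\$ShareName" -Persist

# 4. Confirm the NTFS ACL is in effect. Entries should show domain principals,
#    not a single all-powerful account identity.
(Get-Acl -Path 'Z:\').Access |
    Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
```

If step 1 fails on a home network but succeeds in the office, that is the practical reason a VPN (or another private path into the VNet that hosts AADDS) is needed for WFH users; if step 2 fails, the workstation has not actually joined the managed domain and will fall back to prompting for a storage key.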