上QQ阅读APP看书,第一时间看更新
Stretched Active Directory to Azure IaaS
Extending your local AD Domain Services to Azure IaaS provides you with a very flexible scenario to use your line-of-business applications in the cloud. To use this integration, you need to build a VPN or Express Route connection to Azure.
Domain controllers are highly sensitive roles and will have the most concerns focus on the trust of the service. Many alternative solutions don't support seamless lift and shift migration to Azure like this one:
Extending your Active Directory to the cloud
Follow the following notes:
- Domain controllers (RW): The best choice for IaaS workloads and will be aware of your replication considerations
- Domain controllers (RO): Normally used for scenarios with poor security and not an appropriate choice for IaaS workloads
- Resource forest scenarios: Not recommended for use in IaaS
In the next section, we'll take a look at the Azure AD B2B integration scenario.