Create a Azure VM in the azure

promote to DC

Site to site vpn/Express route.

Azure Connect AD Sync

Transfer FSMO roles

Configure DNS

join the PCS to Azure domain.

Group policies.

Re-create user profiles

What application relay on AD.

Dependencies

Trusts between on-premise and azure AD

custom template
av set
disk os and data
load balancer
1 network card
public ip
1 vm
1 vnet
vnet peering
private ip
forwarder in onprem dc
add the private ip
doman and trust in on prem dc
crate trust on both sides

disregcmd /status
disregcmd /join

ADDS
ADFS
ADRMS
AD AUTHENTICATION
QUICK START TEMPLATES
WINDOWS VIRTUAL DESKTOP
FILE SERVER WITH AD
FILE SERVER WITH MFA /conditional access

COMPLETE AZURE ADDS no ON-PREM

azure AD

FILE SERVER
CREATE adds - IT Cretes tow domain
storage account
configuration integrate with ad
add roles
fs logic app setup

MFA
conditional access need license
p1 or p2 license
backdoor account

Azure AD B2B collaboration is intended for organizations that want to be able to

authenticate users from partner/supplier organization, regardless of the identity
provider, and be able to manage the lifecycle of those guest users. These accounts
are managed in the same directory as employees, and can be added to the same groups
and resources.

Azure AD B2C is intended for commerce and other interactions with consumers,
citizens, or members of another group that does not require access to internal
resources. These accounts are managed in a separate B2C directory, and are
completely separate from your internal user accounts. B2C accounts are a customer
lifecycle: they are either managed by the customer, or directly by the application