![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 83%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
25,132 questions
Hi @TechQ
I would recommend to ask your teams why this is... normally this is due to historical structures...
If some application still need to be on premise and are using that "old" AD and nobody would like to try out how to migrate... then those old structure kept maintained.
Generally you are right, you don't need an onpremise AD if you have an AAD, all servers could be deployed in the cloud and even those onpremise could be administered from within Azure... but that needs some additional work to check which application/server needs some extra work to realise it.
Maybe nobody wanted to take the "risk" (aka extra work/testing) or it was not planned within the budget...
technically, your idea/understanding is correct.
I hope my answer is helpful to you,
Your
Bjoern Peters
If the reply was helpful, please upvote and/or accept it as an answer, as this helps others in the community with similar questions. Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 96%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)