Here are the steps to move from an on-premises Domain Controller (DC) and Azure AD Connect to a pure cloud solution using Azure Active Directory (AAD) and Azure AD Domain Services (AADS):
- Disable Azure AD Connect: To prevent any changes made to the on-premises AD from syncing to AAD, disable Azure AD Connect.
- Verify that all on-premises services are running correctly with AAD: Before removing the DC, make sure all on-premises services that rely on it are working properly with AAD.
- Remove the Domain Controller: You can either deprovision the DC or decommission it, depending on your specific requirements.
- Verify all users, devices, and resources have been moved to AAD: Ensure that all identities, devices, and resources that were previously synced from on-premises AD to AAD have been moved to AAD.
- Enable Azure AD Domain Services: If you have any legacy applications that require an on-premises domain, you can enable AADS, which provides managed domain services in the cloud.
- Verify the applications are working correctly with AADS: Test your applications to make sure they are working as expected with AADS.
- Optionally, implement multifactor authentication (MFA) for added security: To enhance the security of your environment, consider enabling MFA for all users.
Note: These steps may vary depending on your specific environment, and it is recommended to perform a thorough backup of your data and configuration before making any changes.
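
A read-only check for the "verify all users, devices, and resources" step, as an added example that is not part of the original page. It assumes the Microsoft Graph PowerShell module is installed and the signed-in account may read directory data; the report file name is a placeholder.

```powershell
# Added example: read-only inventory of objects that still depend on on-premises AD.
# Nothing in the tenant is modified.
Connect-MgGraph -Scopes 'Organization.Read.All','User.Read.All','Group.Read.All','Device.Read.All'

# 1. Tenant-level sync state. After Azure AD Connect sync is disabled this
#    should no longer report $true.
$org = Get-MgOrganization -Property Id,DisplayName,OnPremisesSyncEnabled,OnPremisesLastSyncDateTime
$org | Select-Object DisplayName, OnPremisesSyncEnabled, OnPremisesLastSyncDateTime | Format-List
if ($org.OnPremisesSyncEnabled) {
    Write-Warning 'Directory sync is still enabled for this tenant.'
}

# 2. Users and groups still flagged as sourced from the on-premises directory.
$base   = 'Id','DisplayName','OnPremisesSyncEnabled','OnPremisesLastSyncDateTime'
$users  = Get-MgUser  -All -Property ($base + 'UserPrincipalName') |
          Where-Object OnPremisesSyncEnabled
$groups = Get-MgGroup -All -Property $base |
          Where-Object OnPremisesSyncEnabled

# 3. Devices: hybrid-joined machines (TrustType 'ServerAd') were registered
#    through the on-premises domain and need a plan before the DC goes away.
$devices = Get-MgDevice -All -Property ($base + 'TrustType')
$hybrid  = $devices | Where-Object TrustType -eq 'ServerAd'

# 4. Summary: every count should be 0 before the DC is treated as removable.
$summary = [pscustomobject]@{
    SyncedUsers         = @($users).Count
    SyncedGroups        = @($groups).Count
    HybridJoinedDevices = @($hybrid).Count
}
$summary | Format-List

# 5. Keep the detail for review. 'onprem-dependencies.csv' is a placeholder name.
$rows  = @($users  | Select-Object @{n='Type';e={'User'}},   DisplayName, Id, OnPremisesLastSyncDateTime)
$rows += @($groups | Select-Object @{n='Type';e={'Group'}},  DisplayName, Id, OnPremisesLastSyncDateTime)
$rows += @($hybrid | Select-Object @{n='Type';e={'Device'}}, DisplayName, Id, OnPremisesLastSyncDateTime)
$rows | Export-Csv -Path .\onprem-dependencies.csv -NoTypeInformation

Disconnect-MgGraph | Out-Null
```

Running it once before disabling sync and again before removing the DC gives a before/after record of which identities and devices were still tied to the on-premises directory.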