Hi Hadi Burhan,
To clarify and correct me if I'm wrong, you have this setup:
- Existing Forest Onprem
- Domain onprem (to decommission): xyz.local
- New Domain on Azure: domain.com deployed
- VPN site-to-site already established successfully
- Issue: Objects aren't replicated to Azure
In this existing forest xyz.local on-premises, when you add a new domain from a Domain Controller (DC) in Azure, it will replicate all objects. In Active Directory terms, the schema defines the kinds of objects and the type of information about those objects that can be stored in the forest.
- Trust Relationships: When you create a new domain in an existing forest, a two-way, transitive trust is automatically created between the new domain and the forest root domain. You’ll need to ensure these trust relationships are correctly configured for your new Azure DC.
- DNS Settings: You’ll need to configure DNS settings to ensure that clients can resolve domain names to the Azure domain controllers. I understand this is working fine because you already have computers joined.
- Replication: Active Directory replication between the on-premises domain controllers and the Azure domain controllers needs to be configured.
- Site-to-Site VPN: Since you already have a VPN S2S and connectivity established, this should facilitate the communication between your on-premises network and Azure.
Additional resources:
- https://learn.microsoft.com/en-us/archive/technet-wiki/51935.azure-replicate-on-premise-domain-controller-to-azure-virtual-machine
- https://vmarena.com/how-to-configure-replication-from-on-premise-domain-controller-to-azure-vm/
- https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/identity/
- https://activedirectorypro.com/repadmin-how-to-check-active-directory-replication/
Let me know if this helps you.
Luis
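
The four checks listed in the answer above (DNS, reachability over the site-to-site VPN, trusts, replication) as a read-only PowerShell pass. This is an added example, not part of the original post; it assumes a domain-joined machine with the RSAT ActiveDirectory module and uses the domain names as given in the thread.

```powershell
# Added example: read-only checks, nothing is modified.
# Assumes the RSAT ActiveDirectory module and rights to read replication metadata.
Import-Module ActiveDirectory

$domains = 'xyz.local', 'domain.com'   # domain names taken from the thread
$adPorts = 53, 88, 135, 389, 445       # DNS, Kerberos, RPC endpoint mapper, LDAP, SMB
# Replication also uses dynamic RPC ports, which are not tested here.

foreach ($domain in $domains) {
    Write-Host "`n=== $domain ==="

    # DNS: the DC locator SRV record must resolve from this client.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' }
    if (-not $srv) {
        Write-Warning "No DC locator SRV records for $domain; fix DNS before looking at replication."
        continue
    }

    # Site-to-site VPN: each advertised DC must be reachable on the core AD ports.
    foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
        foreach ($port in $adPorts) {
            $t = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
            if (-not $t.TcpTestSucceeded) { Write-Warning "$dc unreachable on TCP/$port" }
        }
    }

    # Trusts: list what the domain actually holds, with direction and scope.
    Get-ADTrust -Filter * -Server $domain |
        Select-Object Name, Direction, TrustType, IntraForest, ForestTransitive |
        Format-Table -AutoSize

    # Replication: last result per inbound partner; 0 means the last attempt succeeded.
    Get-ADReplicationPartnerMetadata -Target $domain -Scope Domain |
        Select-Object Server, Partner, LastReplicationSuccess, LastReplicationResult,
                      ConsecutiveReplicationFailures |
        Format-Table -AutoSize

    # Outstanding failures recorded by the DCs of this domain.
    Get-ADReplicationFailure -Target $domain -Scope Domain |
        Select-Object Server, Partner, FailureType, FailureCount, FirstFailureTime, LastError |
        Format-Table -AutoSize
}
```

A domain that prints the DNS warning is skipped, since the later checks depend on locating its DCs.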