Hi @Reez Ali • Thank you for reaching out.
Yes, the steps you have mentioned are correct. Just to add to the text in red below: the VM will just have the binaries to manage Active Directory; it won't be promoted as a Domain Controller.
When Azure AD DS is deployed, 2 domain controllers are deployed in the backend and access to the VMs of those domain controllers is not provided.
- Sync On Premise AD to Azure AD through Azure AD Connect
- After Sync Create Azure AD DS and Sync to Azure AD (for Which VM needs to be created which will have role of Domain Services)
- Part of above process we need to create a Virtual Network and 2 Subnets one for Azure AD DS and other for VM server.
Note: In case of Azure AD DS, you won't have Enterprise administrator privileges, due to which you might not be able to perform all the tasks that you can perform in on-premises AD.
Also, keep in mind that schema extension and geo-distributed deployment are not supported with Azure AD DS.