This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 97%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAH%3C/text%3E%3C/svg%3E)
Hello.
I am currently in the process of building a domain controller (Active Directory) VM in Azure (IaaS). And next is to set up one AADC in Azure and sync the users to Azure AD. I understand it is unusual but that is the requirement.
We have a domain controller on-premise (which will replicate with the domain controller in Azure). Workstations are already joined to the domain. However, they are not licensed. Which means we have not bought the CALs. The goal is to decommission the domain controller on-premise and make the domain controller in Azure as the primary domain controller.
My question is, do we need to buy CALs? Or subscribe to Azure AD premium P1? Or no CALs needed at all (based on this statement, "No. Windows Server CALs are not required for accessing Windows Server running in the Azure environment because the access rights are included in the per-minute charge for the Virtual Machines." From here https://azure.microsoft.com/en-us/pricing/licensing-faq/ ) We have about 2000 users authenticating to the domain.
You do not require CALs for Windows Server in Azure as per that link you provided, the licensing costs for Windows Server and the client access rights are included in the pricing.
Azure AD Premium P1 is a separate product entirely which would have nothing to do with Windows Server or Active Directory Domain Services.
