Azure AD is not a like-for-like replacement for on-premises AD. Azure AD is a modern authentication provider that is focused on user and application authentication using modern protocols such as OAuth, OIDC and SAML rather than LDAP. It does not have a concept of a computer object, group policies or similar. The naming of Azure AD is unfortunate as it can be confusing. You can read more about this here.
So, in terms of replacing your on-premises AD you really have three options.
- Use a combination of Azure AD and other services to replicate what you can currently do. AAD can do user authentication and machine logon. You can look at using Intune for GPO-like policies, Azure DNS for DNS, Azure Files for file shares, Exchange Online for email and so on.
- Look at using Azure AD Domain Services to create domain controllers as a service, which do support legacy AD functionality, but be aware that this has quite a few limitations. You will also need constant private connectivity to Azure for this, such as VPN or ExpressRoute.
- Deploy domain controllers in Azure using virtual machines. You then need to manage these VMs.