Hey everyone,
I'm looking for some advice on a setup we're planning. We have our servers hosted on a third-party cloud and they're part of our domain, fudge.com. Users log in to these servers with their fudge.com credentials. All our laptops are connected to this domain and managed as hybrid devices through Intune.
Recently, we've set up a second Azure domain, cereal.com, which has no servers but does include devices and users. I want to integrate this Azure domain into our on-premises forest that's tied to the hosted servers.
Specifically, I have a few questions:
1. If I connect the cereal.com domain to our on-prem domain, will any new devices that we add automatically become hybrid devices? I really want to keep them as Azure Joined.
2. Will users from cereal.com be able to access the servers using their cereal.com credentials?
3. Are there any other important considerations I should keep in mind?
Thanks for your help!
1 Answer
It sounds like you've got a complex setup! To clarify, if you're planning to add the cereal.com Entra ID tenant to your existing on-prem Active Directory, you'll actually need to be careful with terminology here. Connecting an Entra ID tenant to on-prem isn't the usual flow—it's mainly on-prem to Entra ID. As for your questions:
1. If you want to keep the new devices as Azure Joined, just join them to Entra ID rather than Active Directory. That way, you control how they relate to Entra without them being hybrids.
2. Whether users from cereal.com can sign in using their credentials depends on how you've configured the system. Since you're primarily using on-prem servers, you'll need to set that up properly.
Hope this helps you clear things up!
Thanks for your input! I get what you're saying about the connection process now. I'll look into joining the new devices directly to Entra ID. Appreciate the clarification!