See step-by-step guides for configuring Azure AD Domain Services.
Use Azure Active Directory (Azure AD) Domain Services to migrate legacy apps from on-premises to a managed domain, without the need to manage the environment in the cloud.
Use managed domain services—like domain join, group policy, LDAP, and Kerberos authentication—without having to deploy, manage, and patch domain controllers in the cloud.
Let users sign in to services and apps connected to the managed domain using existing Azure AD credentials. Secure access and migrate on-premises resources to Azure with existing groups and user accounts.
A managed domain is configured to perform a one-way synchronization from Azure AD to provide access to a central set of users, groups, and credentials. Once synchronized, resources can be created directly in the managed domain but aren’t synchronized back to Azure AD. Apps, services, and virtual machines in Azure that connect to the managed domain can then use common Azure AD Domain Service features. In a hybrid environment with an on-premises AD environment, Azure AD Connect synchronizes identity information with Azure AD, which is then synchronized to the managed domain.