We have an Office365 domain hosted at GoDaddy, using GoDaddy's Office365 hosted implementation. I've connected this domain to Azure Active Directory, following the basic instructions here (https://docs.microsoft.com/en-us/azure/active-directory-domain-services/active-directory-ds-getting-started) as best as I was able. Accounts seem to be syncing (one-way), so I'm confident that the basic configuration is correct.
But when I try to join an (existing) Azure VM running Windows Server 2012 (in an AD-enabled VNet), using an account that I've added to the "aad dc administrators" group, I get the error, "The user name or password is incorrect".
Similarly, I'm not sure how to go about joining on-premise machines to that AD domain. The domain controllers are (of course) sitting in the VNet, behind a VPN, and are (so far as I can tell) accessible only if my local machine knows how to get to that domain's controllers. But since they're the only DNS servers that know about themselves - and since they're behind a VPN - how does my local machine know how to connect to and join that domain? I tried it, and it seemed to work - my laptop is now a member of our Azure AD domain - but when I try to login using my domain account, I get an error the effect of, "Can't do that right now."
Sorry if these are basic issues - my AD management days are probably 15 years in the past, and lots has changed since then.
