My company has their entire user/group architecture in the cloud using Azure. We recently purchased a Windows 2016 Server machine and I have been asked to set it up so that we can use our Azure accounts. I need to do simple things like file sharing and set up a vpn. Now, I have been reading that Azure AD Connect is NOT an option for me: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-existing-tenant
If I can not sync Azure AD users/groups to my new AD on the server, then what do I do? I do not want to create new accounts and have people give me their passwords. I have heard about Azure AD Domain Services, but it seems like I need to spin up a virtual machine on Azure with Windows Server 2016, but I do not think that would help my case, since my server is on-site! How do I join this local domain (I have not set it yet) to the Azure domain that already exists with all of our accounts and machines in its AD?
I have been pouring through this and am not sure what I should do: