A little background on what I am trying to do, but am having no luck with for various reasons: Windows Server 2016 on-site domain join with Azure AD.
After receiving some feedback from my colleagues, I may not have the time or assistance from IT to research and integrate that system (Azure AD --> vNet --> Express Route --> On-premise Windows Server 2016). That is what I concluded to be the best option for single sign-on purposes that is scalable, but I am receiving some pushback. What we essentially want is a server on our own intranet to map a network drive and host videos via a browser.
What I would like to know now is what will happen if I install Active Directory on the on-premise server, create a domain and then create accounts for our users. We have one account established, and that is tied to Azure AD. Everything we do is tied to that account.
Can I duplicate those accounts in the on-premise AD? What will happen if I change our workgroup (WORKGROUP) to a domain on all of our machines, adding the on-premise domain to our machines? Will we lose the ability to authenticate ourselves with Azure AD?
I do not want to say, "Hey, when you want to add something to the share, log out, switch to the domain, log in with the new domain account and then try to upload." Maybe I am overthinking this!
I have never worked with a hybrid infrastructure, and all the docs seem to be the reverse (on-premise to Azure, not the other way around). My biggest fear is that installing a domain on-premise and changing our machines to that domain will cause us to lose our ability to use other apps and log in, because our users and devices are already in Azure AD.