Azure Active Directory Domain Services Limitations

I work with Azure Active Directory (AAD) and enabled the Domain Services (AAD DS) feature to manage all my virtual machines and user accounts. Domain Services is basically a Windows Domain Controller (in fact there are two of them), which provides domain join, LDAP and authentication for your cloud-hosted network and machines.

As a result, all users in the AAD can log in to the Windows machines by using their AAD account.

From the documentation (Your domain controller as a service):
  • “Lift-and-shift” apps to Azure more easily than ever
  • Use LDAP, Active Directory domain join, NTLM, and Kerberos authentication
  • Rely on a managed, highly-available service
  • Get started in minutes, pay as you go
  • Develop and test with no identity worries
  • Manage Azure virtual machines effectively using Group Policy

I use the following setup, often referred to as "cloud-only organizations":

Known Limitations

While the service is still in the preview phase, I would like to point out some specific issues that I think should be known before using Azure Active Directory Domain Services. Some of them are by design, others are hopefully subject to change.

Mixed Up Accounts

Missing Mapping Information

Deleted Accounts Issue

As long as there is an account with the same UserPrincipalName in the tenant, the newer accounts don't get synced correctly. The deleted accounts need to be deleted completely from the AAD. --> WIKI LINK
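
One way to find and purge such leftovers, as an added example that is not from the original post: it lists soft-deleted users whose UserPrincipalName is also held by an active account and permanently deletes them. It assumes the Microsoft Graph PowerShell SDK (the post names no tool) and an existing `Connect-MgGraph` session with rights to read users and permanently delete directory objects; `Get-OriginalUpn` and `Find-UpnCollision` are hypothetical helper names.

```powershell
# Assumption: Connect-MgGraph has already been run with sufficient permissions.

# A soft-deleted user may be returned with its object ID (dashes removed)
# prepended to the UPN. Strip that prefix if present, so the comparison
# works whether or not the directory adds it.
function Get-OriginalUpn {
    param([string]$Id, [string]$UserPrincipalName)
    $prefix = $Id -replace '-', ''
    if ($prefix -and $UserPrincipalName.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase)) {
        return $UserPrincipalName.Substring($prefix.Length)
    }
    return $UserPrincipalName
}

# Return the soft-deleted users whose UPN is also held by an active user.
function Find-UpnCollision {
    param([object[]]$ActiveUsers, [object[]]$DeletedUsers)
    $active = @{}
    foreach ($u in $ActiveUsers) {
        if ($u.UserPrincipalName) { $active[$u.UserPrincipalName.ToLowerInvariant()] = $u.Id }
    }
    foreach ($d in $DeletedUsers) {
        $upn = Get-OriginalUpn -Id $d.Id -UserPrincipalName $d.UserPrincipalName
        $key = $upn.ToLowerInvariant()
        if ($active.ContainsKey($key)) {
            [pscustomobject]@{
                UserPrincipalName = $upn
                ActiveId          = $active[$key]
                DeletedId         = $d.Id
                DeletedDateTime   = $d.DeletedDateTime
            }
        }
    }
}

$activeUsers  = Get-MgUser -All -Property Id, UserPrincipalName
$deletedUsers = Get-MgDirectoryDeletedItemAsUser -All -Property Id, UserPrincipalName, DeletedDateTime

$collisions = @(Find-UpnCollision -ActiveUsers $activeUsers -DeletedUsers $deletedUsers)
$collisions | Format-Table -AutoSize

# Permanent deletion cannot be undone. -WhatIf only reports what would be
# removed; review the table above, then drop -WhatIf to actually purge.
foreach ($c in $collisions) {
    Remove-MgDirectoryDeletedItem -DirectoryObjectId $c.DeletedId -WhatIf
}
```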

User Name Length

Account Expiration



