Hey Faddy! Yeah it can be compared to the cost of a single VM, but it is a managed service that gives you 2 VMs...so...🤷🏼‍♂️

Thanks!

Thanks Deo ☺️

AWESOME!!!!! Good luck to you Sid If you want to take my videos and provide translations into Mandarin I am happy to add them as subtitles as a way to expand you efforts. I have already been doing this for Japanese and Portuguese...would love to add more languages

Let me know what your channel so I can subscribe ☺️

@@AzureAcademy Hi Dean, you can click my head portrait to access my channel, it's called "喜得Sid", I am using just iPad + Apple pencil + iPhone to shot the video.

@@AzureAcademy Sorry I am still new to KZbin, correct me if I am wrong, do you want me to help translate your videos into Chinese subtitles? Can you share a link of the videos you did for Japanese and Portuguese, thanks.

kzbin.info/www/bejne/eqPOgnmJi6lsf80 This video has all the languages in it. If you wanted to contribute to the translations that would be awesome... then you could link them on your channel and use them to help people learn WVD.

Once those objects are successfully synchronized to Azure AD, the automatic background sync then makes those objects and credentials available to applications using the managed domain. This might help on source anchors - docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-design-concepts How Azure ADDS Syncing works - docs.microsoft.com/en-us/azure/active-directory-domain-services/synchronization

They are NOT represented in your tenant. Within AZURE AD there is no concept of a domain or domain controller. AADDS are just VMs that are part of the managed service offering that run an instance of Active Directory that Azure AD creates users ids and passwords in. Does that make sense? So no one can attack windows because you have no access or permissions, so you can’t compromise windows. YOUR account in AADDS has delegated permissions in a single OU, so you can’t compromise AD. So the only way to protect those VMs is to block all unneeded ports with a firewall or NSG, don’t put anything else in their resource group, lock the resource group, remove all but the required permissions from the resource group. Setup all the monitoring of AADDS and Azure, including following the security center (defender for cloud) recommendations and you should be good.

@@AzureAcademy that helps a lot. Basically I have 5 VMs per tenant associated with AAD DS. This helps to understand their purpose and security.

Great! a whole series on zero trust security coming soon…stay tuned!

Awesome! Please Share it with everyone!

All the videos have subtitles…press C on your keyboard to turn them on

@@AzureAcademy AZ-140 ep09 | Plan AzureAD Identites kzbin.info/www/bejne/b5yyZ2t7qt5gY8k I found this video doesn't seem to be

Just checked and for some reason they are missing…will see what I can do

Hey John, a cloud user can only be used with Azure AD Join and AVD. if you user AADDS then you are using a synced user. So you would create a cloud user then create AADDS and all the users in Azure AD would sync over to AADDS So I would suggest looking at me Azure AD Join videos before trying AADDS -> kzbin.info/www/bejne/pJCan418rc2imMU

In short…you can’t. AADDS is designed to only have 1 instance per Azure AD Tenant. But I think you would be interested in replica sets - docs.microsoft.com/en-us/azure/active-directory-domain-services/concepts-replica-sets

I very much agree with you...if you already have an AD Domain AADDS is NOT something I would recommend.

Thanks Sander! I love the approach, however you are Correct AzureAD DS does not support MSIX AppAttach at this time 😩

Did you fall back to AD or do you "role" your VM in the pool then decommission your VM with drain mode, when you update apps in VM ?

Watch this video for NEW features that help with this 👉 kzbin.info/www/bejne/h6m1k2ypi5infrcsi=sNKiLJPj-HxUyeFF

Nope! Not supported yet...PG is working on it, stay tuned!

I just watched this ... kzbin.info/www/bejne/hYiqh6KAgsl8iMU which has helped clear this up.

I don’t think there is anything on the public roadmap on removing the need for traditional domain controllers, but it is one of the most requested features, and all I can say is that the product team very actively listens to feedback. YES I would look at AADDS in born in the cloud companies who don’t already have traditional domain controllers Let me know if that clears it up

awesome, glad it helped!