Background: We have Office 365 licenses and all employees have their individual mailboxes. Currently, there is one Domain Controller, which not only hosts Active Directory but also acts as the DNS and DHCP server. The intent is to retire on-prem AD and use Azure Active Directory.

Question: Since we do not want to use on-prem AD anymore, AD Connect is not the solution we should be proceeding with. That leaves us creating a VM in Azure and designating it as a Domain Controller, and using it as:

a) Azure Active Directory, DNS and DHCP server?

b) Should the DHCP and DNS servers be hosted locally, or can the Azure VM act as the DNS/DHCP server?

c) Do we also need to use a VPN service here to secure the network, or does the VPN service come integrated?

Sorry for the long list of queries; I am a noob to Windows AD, as I have been working on SAN.

Your inputs are highly appreciated and will also help me to take an appropriate decision.


Solution 1:

Ciao, in short Azure AD is not a replacement for on-premises AD. Even though it can be extended with (Azure AD) Domain Services, it cannot replace a traditional AD with on-prem infrastructure-related services (DNS and DHCP won't be available to your local network). Refer to the documentation for a comparison.