I have an on-premise domain called "mydomain.com". I'm wanting to
extend this domain to Azure via active directory domain services. When
setting the ADDS in azure, should I use a different domain name such
as "azure.mydomain.com" or use the same one as my on-premise
"mydomain.com"?
Azure AD Domain Services provides managed domain services seamlessly regardless of whether your Azure AD tenant is cloud-only or synced with your on-premises Active Directory.
For the domain name in AADDS, you have many choices:
- Built-in domain name: By default, the wizard specifies the default/built-in domain name of the directory (with a .onmicrosoft.com suffix) for you.
- Custom domain names: You can also type in a custom domain name.
- Non-routable domain suffixes: We generally recommend avoiding a non-routable domain name suffix.
- Domain prefix restrictions: The prefix of your specified domain name (for example, contoso100 in the contoso100.com domain name) must contain 15 or fewer characters.
- Network name conflicts: Ensure that the DNS domain name you have chosen for the managed domain does not already exist in the virtual network.
If you just want to extend your on-premise domain to the Azure, you don't need to use AADDS to make this, you could just use Azure AD Connect to sync your on-premise domain to the Azure. Because if you want to use AADDS, you also need to sync the on-premise to the azure.
Also, does this configuration require a VPN connection via the gateway
or can on-premise domains be extended to Azure over the public
internet?
The process of configuration doesn't require a VPN connection, it just uses the Azure AD Connect to do the synchronization.
Another question relates to if the free Azure AD is needed for this
type of deployment or do you have to use Azure Domain Services in
addition to the free Azure AD provided by the tenent?
The AADDS needs a subscription when you configure it, there is no requirement about the AAD.
