Azure Active Directory Domain Services provides domain services in a managed Azure environment and integrates with existing Azure AD tenants. It supports user authentication and authorisation, as well as machine authentication and domain join. AADDS can also be used to manage virtual machines (VMs) that are not joined to a domain but need to access domain resources, enabling secure, efficient, and scalable access to on-premises resources from the cloud. It provides domain services, such as domain join, group policy, and domain name system (DNS), without the need for deploying domain controllers on-premises.
Azure AD DS integrates with your existing Azure AD tenant. This integration lets users sign into services and applications connected to the managed domain using their existing credentials. You can also use existing groups and user accounts to secure access to resources. These features provide a smoother lift-and-shift of on-premises resources to Azure.