Directory Sync and Conditional Access

I want to move to Exchange Online and use Conditional Access to restrict how users connect, with what and where from.  However, I dont want to use Azure AD, I want to use my own AD with Directory Sync.  Is this possible, or do I have to use Azure AD in order to use Conditional Access and incur the extra costs of the Azure AD premium license.
DCAsked:
Who is Participating?
 
Cliff GaliherCommented:
First, a clarification.  Exchange Online (and all of Office 365) *always* uses Azure AD. Even if you are using a directory syncing tool, it is syncing your directory to Azure AD.  Always.

Now, there are free versions of Azure AD and paid versions.

Conditional access is not in the free or basic tiers. It is in Premium 1 or 2 only.

https://azure.microsoft.com/en-us/pricing/details/active-directory/

So yes, if you want conditional access, you must incur that licensing cost.  You *can* sync your directory with Azure AD P1 or P2 though. So you won't need to maintain two accounts. But you will be paying for the conditional access feature.
0
 
DCAuthor Commented:
Hi Cliff

That all looks pretty clear to me.  So I sync my AD with Azure AD and manage my AD from my internal domain, which then syncs with Azure AD.  I can then also use Conditional Access.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.