Hi, My question relates to Microsoft Azure - i'm not too familiar with it or how it integrates with on prem structure, so here are my questions:
1) I have multiple forests across my company and the company.com domain is at the Head Of one of the forest structures. I have an application that is going into the Azure cloud and I wanted to ask, how the other forests will be able to resolve the IPs of the machines added to Azure onto this compnay.com doamin? Obviously those users who are either directly under or under in the child domain, will be able to see this domain but those forests who are only connected via Site to Site VPN, (trust relationships are established), how will they resolve?
2) I have three projects ongoing, one is Office 365, the second is a cloud app and the third is another Cloud appp. Is it better to setup one tentancy and three subscriptions or multiple tentancy with one subscriptions each? What are the reasons for standardising this process.
3) I would like single sigon, how can I acheive this? Azure AD is available but not in use - if i need SSO, how can i achieve this for the other domains as well.