I found this question, Creating a multi-tenant AD environment, and per it in 2014 this wasn't possible. However, new to Azure and maybe it's changed. Can you have multiple, separate directories within a single Azure tenant. I have a client that has subclients that each receive their own servers. I want the subclients to have their own directory without having to give them their own tenant.
Thanks, Brandon
A think I've found the way to do this, and would love comment from anyone that has. There is an Azure AD Domain Services offering that can be set up to create AD infrastructures independent from the tenant's .
https://azure.microsoft.com/en-us/services/active-directory-ds/
Azure AD DS won't do what you want. Firstly you can only have 1 instance of AAD DS, secondly, AAD DS replicates the data from AAD. You can add users to AAD DS directly, but unless they are in the right location you won't see them in AAD.
It's not overly clear what you want to achieve here, but in reality with AAD, the only way you will do this is to have a Tenant for each client, or have all clients share one Tenant (and the possible security issues that goe with that). If you have a Tenant per client, you can still add users from another Tenant, so if your concern is adding management or support users from your Tenant, you can still do this.
