In a few weeks, Windows 10 users can bypass their domain controllers (on premise) and join their W10 computer directly to their corporate domain on the Internet.  This new feature significantly reduces the complexity (and management cost) that was first introduced with Windows 2000.

The key to this is Azure AD Join, a new Windows 10 feature for configuring and deploying corp-owned Windows devices. Like traditional Domain Join, Azure AD Join registers devices in the directory so that they are visible and can be managed by an organization. But with Azure AD Join, Windows authenticates directly to Azure AD, no Domain Controller needed (unless you want to use one of course).

Full Story: AD Blog