10 Questions to Answer Before Replacing Active Directory

Written by Greg Keller on October 24, 2016

Share This Article

The movement to replace Microsoft Active Directory is in full swing. As IT organizations move to the cloud, any vestiges of the old traditional way of doing things is being removed.


Active Directory has made it through this process largely unscathed until recently. With the advent of Directory-as-a-Service, there is now a credible alternative to Active Directory.

Even so, many IT admins are reluctant to make the move to a cloud-based directory service. This is understandable, considering how deeply AD has been entrenched in IT infrastructure since its debut in 1999.

The 10 question checklist below should help allay fears with moving from Active Directory to Directory-as-a-Service.

10 Questions to Answer when Replacing Active Directory


For many organizations, Active Directory has become more of a security blanket than a central identity management platform.

With only one out of five devices being Windows today [Forbes], Active Directory is managing fewer and fewer of an organization’s users and IT resources. To better help you understand whether replacing Active Directory is the right choice for you, answer the following questions. They will help you get a sense for which direction you should head in.

  1. Are you currently in the cloud or moving towards the cloud?
  2. What platforms do you support?
  3. Do you leverage cloud and/or on-prem applications?
  4. How do users login to your internal network?
  5. Do you leverage Infrastructure-as-a-Service or do you have your own data centers?
  6. Do you leverage Google Apps and/or Office 365?
  7. Have you customized your Active Directory schema for specific applications or systems?
  8. Are you subject to any regulatory requirements that prohibit cloud deployments?
  9. Do you have a Microsoft Enterprise License Agreement?
  10. What are your costs to run Active Directory?

Many of these questions are open ended and really should be taken in the context of what you are doing today and what you are planning to do in the future. There is also an overriding component of where you would like to go from an end user experience perspective. You may be interested in making significant improvements to how your users access their IT resources and Active Directory often limits what you can do with non-Microsoft assets.

Bringing it All Together


The simple view is that if you are making the move to the cloud and starting to become more heterogeneous, you will be better off moving to Directory-as-a-Service. If you are tied to Windows and on-prem for whatever reason, then you are likely better off staying with Active Directory. There is little question that cloud identity management will be the future, but the right time to make the leap to Identity-as-a-Service platforms will depend on each organization’s circumstances.

If you would like to learn more about answering these 10 questions before replacing Active Directory, drop us a note. We’d be happy to talk through the pros and cons of cloud directory services and whether they may be helpful to you. If you would like to compare Directory-as-a-Service to Active Directory, sign-up for a free account.

Greg Keller

JumpCloud CTO, Greg Keller is a career product visionary and executive management leader. With over two decades of product management, product marketing, and operations experience ranging from startups to global organizations, Greg excels in successful go-to-market execution.

Continue Learning with our Newsletter