Beyond the obvious difference in where each solution runs, there are a number of differences between Microsoft®’s two directory services. Realistically, if Microsoft had their way, there would be one directory service available. Unfortunately, the move to the cloud has forced Microsoft into a position where they now have two services. The two, while having a number of similarities, come from different code bases and serve very different purposes. As much as Microsoft would like to talk about them both at the same time, they serve vastly different purposes.
Active Directory®’s Limitations
For organizations that are searching for control over their on-premises devices and applications, the original Microsoft Active Directory® (AD) is, seemingly, a potential choice. Of course, the legacy AD works closely with Windows® devices and users, and it also works well with Windows applications. As most IT admins already know, AD is a poor choice for multi-platform environments. Additionally, for organizations with Linux®-based applications, AD and its associated IT admins will have issues controlling their user accounts. AD also struggles significantly when connecting to cloud-based servers and applications. These problems are part of the reason that Microsoft embarked on Azure® Active Directory®.
Azure® Active Directory® a Fitting Replacement?
As organizations look to move a great deal of their infrastructure to Azure, AD ceases to be the right option. Azure AD, therefore, becomes the solution that is recommended. Azure AD sits within the infrastructure in Azure, and it enables organizations to have a central directory service for their cloud servers and applications such as Office 365™. Invariably, Azure AD isn’t a solution for organizations that leverage AWS® or G Suite™, or for that matter, any other third-party providers. In the case that your business is leveraging Microsoft Azure, Azure AD can be a valuable solution for you and your company.
However, if your organization needs both control over on-premises devices and applications as well as support for cloud-based infrastructure, you’ll likely utilize both directory services. As an IT admin, your core user database will be the on-premises AD, and those users will be synced to the cloud-based Azure Active Directory, resulting in organizations being able to solve their directory services needs across both on-premises and cloud services. The primary use case for this scenario is, again, for organizations that are primarily based on Windows and Azure. However, if you are leveraging G Suite, AWS, or other non-Microsoft solutions, you will struggle with having the two AD versions in your environment.
Multiple Platforms Raise the Bar
For organizations that are heterogeneous in their platforms, there are better options than trying to force-fit either AD or Azure AD. Over the last few years, a new generation of directory services solutions has emerged. JumpCloud®’s platform called Directory-as-a-Service® (DaaS) is a cross-platform, cloud-based directory that can integrate on-premises IT resources and cloud resources as well. DaaS ensures that the differences between the on-premises AD and the cloud-based Azure Active Directory don’t matter, as an organization’s core directory service cuts across all platforms and locations.
If you would like to learn more about your directory services options, both from Microsoft and elsewhere, drop us a note. We’d be happy to walk through your options based on your internal requirements.