Can I Move Active Directory to the Cloud?

Written by Greg Keller on January 29, 2021

Share This Article

Updated on January 29, 2021

A question we’ve heard many IT admins ask is, “Can I move my Active Directory to the Cloud?” This question has become ever more relevant due to the work from home orders around the world, and the growing desire of employees to continue to work from home (at least part of the week) on a regular basis. Admins are seeing the trend of the tech world moving all things to the cloud along with remote workers, and they want to be able to manage them all through the cloud as well. 

Unfortunately, it’s just not easy to move AD to the cloud, nor have it function properly if you do. Why does Microsoft Active Directory® remain stuck on-premise when innovative technologies are right in front of their eyes? Isn’t Azure Active Directory (AAD) the cloud version of AD? It’s not that Microsoft doesn’t see the possibilities for improvements to their directory platform or a move to AAD; their reasons are strategic.

Microsoft couldn’t have imagined a better lock-in strategy than Active Directory®, which they are now trying to employ with Azure AD. When AD emerged in late 1999, the world was already 90%+ Microsoft Windows. The monopoly was already in existence. Office and Exchange made it even stronger, but there was perhaps no better move than to leverage Active Directory to drive the nail into their lock-in strategy.

How Microsoft Took Over the Back Office

Before moving Active Directory to the Cloud

In the 1990s, IT organizations were moving to more complex networks. Virtually every organization was building LANs and then moving to WANs with the commercial emergence of the Internet. IT was becoming a core part of the organization. Whether the organization was a technology company or not, back-office IT functions were becoming critical to the business. In the late 1990s and 2000s, many organizations started to sell their solutions online or support them online. Customer interactions were becoming more useful and powerful via the Internet. To support this critical part of the organization, IT needed to get everybody in the organization into using technology.

While today computing and internet access is fairly ubiquitous, twenty years ago that was hardly the case. Microsoft’s vision then was a computer on every desk, and so that was what IT was doing too. In order to enable that setup, Microsoft created Active Directory. 

Every Windows system placed on somebody’s desk could now be managed. User access could be centrally controlled and the machine could be managed, remotely, but within the confines of the office (or in Microsoft parlance, the domain). This was an incredibly powerful innovation. Directory services were hardly new, but Microsoft’s delivery of it to mainstream IT was game changing. IT organizations could now easily place a Windows device in everybody’s hands, but still maintain the control that they needed.

Add to that the ability for AD to also control access to the internal network and applications, and now there was even more control. Of course, what Active Directory could control was all Window-based. Unix machines were largely outside of the purview of AD. Mac systems weren’t welcome. In fact, in the early 2000s IT organizations dictated what devices the organization used – a far cry from today’s user driven selections of hardware. All of this was made easier because of Active Directory. The more stagnant Microsoft remained, the more organizations wanted an all-Windows environment. The virtuous cycle was complete and the beneficiary: Microsoft’s bank account.

You Can’t Easily & Fully Move Active Directory to the Cloud

More Windows machines and applications meant that Active Directory centrally controlled more of the IT network. As IT relied more on AD, there was more pressure on only choosing systems and applications that could be controlled by AD. Non-Windows platforms were hardly well supported and the Microsoft monopoly was well protected.

Of course with any monopoly, the drive to satisfy customers and innovate is hardly an incentive. Why would Microsoft risk their ownership over the market by potentially adding a capability or product that would be a counter to their winning strategy. Supporting third party solutions was not a priority, and neither was helping organizations move to the cloud. Of course, both of these things happened through the latter part of the 2000s, but not before Microsoft was able to milk their cash cows for billions in profits.

Microsoft is following the same playbook with Azure. This time, though, Microsoft understands the pressure that they are under. IT organizations have woken up to the Microsoft lock-in problem and desperately want to avoid that for the next two decades. That doesn’t mean that IT organizations don’t find value in Microsoft solutions – in fact, Office 365 is one of the fastest growing products in IT history – it means that IT admins want the flexibility to choose what solutions are best for their team. That starts with replacing Active Directory as the control point.

Even Microsoft realizes this and has started to change their stance. Microsoft has developed Azure Active Directory as an adjunct to the on-prem AD to extend AD identities to the Azure cloud and select web applications. While they still don’t make it easy to work with Mac, Linux, non-Windows on-prem applications, third party file storage systems, and networking equipment, it is a major step for them to assist in the transition of their customers to Azure, which continues to fill their coffers.

Gaining Flexibility with Your Directory

One of the leading next generation directories is JumpCloud’s Directory Platform. This cloud directory platform is focused on giving IT admins back control over the enterprise, by creating a directory that can manage all major systems (Mac, Windows, Linux), cloud and on-prem servers (e.g. AWS, GCP, internal data centers, etc.), networks (Cloud RADIUS), data through physical and virtual file servers, single sign-on to applications (web and on-prem), and more through one central web platform. Through a unified cloud directory, admins, and perhaps more importantly, their end users have the ability to choose their solutions again.

Try JumpCloud Directory Platform for Free Today

Don’t stick with a directory that won’t fully move to the cloud even in the face of a changing landscape of work, innovation leading to freedom of choice, and a legacy on-premises approach. If you want to learn more about how you can regain control over your IT infrastructure with a more flexible directory platform, drop us a note. We would be happy to talk you through the capabilities and solutions that a cloud directory platform can provide. Alternatively, feel free to try out our cloud directory for yourself. Your first 10 users and 10 systems are free, with no credit card required, so there’s no reason not to give it a shot. We’ll even help you get setup with 10 days of premium 24×7 in-app chat support. Sign up for a free account here.

Continue Learning with our Newsletter