Can I Move Active Directory to the Cloud?

By Greg Keller Posted August 28, 2019

A question we’ve heard many IT admins ask is, “Can I move my Active Directory to the Cloud?” Admins are seeing the trend of the tech world moving all things to the cloud, and they want to be able to manage them through the cloud as well. Unfortunately, it’s just not possible to move it. Why does Microsoft Active Directory® remain stuck on-premises when innovative technologies are right in front of Microsoft’s eyes? It’s not that Microsoft doesn’t see the possibilities for improvements to its directory platform. Its reasons are strategic.

Microsoft couldn’t have imagined a better lock-in strategy than Active Directory®. When AD emerged in late 1999, the world was already 90%+ Microsoft Windows. The monopoly was already in existence. Office and Exchange made it even stronger, but there was perhaps no better move than to leverage Active Directory to drive the nail into their lock-in strategy.

How Microsoft Took Over the Back Office

IT organizations were moving to more complex networks. Virtually every organization was building LANs and then moving to WANs with the emergence of the Internet. IT was becoming a core part of the organization. Whether the organization was a technology company or not, back-office IT functions were becoming critical to the business. Many organizations started to sell their solutions online or support them online. Customer interactions were becoming more useful and powerful via the Internet. To support this critical part of the organization, IT needed to get everybody in the organization into using technology.

While today computing and internet access are ubiquitous, twenty years ago that was hardly the case. Microsoft’s vision then was still a computer on every desk, and so that was what IT was doing. In order to enable that setup, Microsoft created Active Directory. Every Windows system placed on somebody’s desk could now be managed. User access could be centrally controlled and the machine could be managed remotely. This was an incredibly powerful innovation. Directory services were hardly new, but Microsoft’s delivery of them to mainstream IT was game changing. IT organizations could now easily place a Windows device in everybody’s hands, but still maintain the control that they needed.

Add to that the ability for AD to also control access to the internal network and applications, and now there was even more control. Of course, what Active Directory could control was all Windows-based. Unix machines were largely outside of the purview of AD. Mac systems weren’t welcome. In fact, in the early 2000s IT organizations dictated what devices the organization used – a far cry from today’s user-driven selections of hardware. All of this was made easier because of Active Directory. The more stagnant Microsoft remained, the more organizations wanted an all-Windows environment. The virtuous cycle was complete.

You Can’t Fully Move Active Directory to the Cloud

More Windows machines and applications meant that Active Directory centrally controlled more of the IT network. As IT relied more on AD, there was more pressure on only choosing systems and applications that could be controlled by AD. Non-Windows platforms were hardly well supported and the Microsoft monopoly was well protected.

Of course, with any monopoly, there is hardly an incentive to satisfy customers and innovate. Why would Microsoft risk their ownership over the market by potentially adding a capability or product that would be a counter to their winning strategy? Supporting third-party solutions was not a priority, and neither was helping organizations move to the cloud. Of course, both of these things happened through the latter part of the 2000s, but not before Microsoft was able to milk their cash cows for billions in profits.

Microsoft is following the same playbook with Azure. This time, though, Microsoft understands the pressure that they are under. IT organizations have woken up to the Microsoft lock-in problem and desperately want to avoid that for the next two decades. That doesn’t mean that IT organizations don’t find value in Microsoft solutions – in fact, Office 365 is one of the fastest growing products in IT history – it means that IT admins want the flexibility to choose what solutions are best for their team. That starts with replacing Active Directory as the control point.

Gaining Flexibility with your Directory

One of the leading next generation directories is JumpCloud’s Directory-as-a-Service®. This cloud-based directory is focused on giving IT admins back control over the enterprise, by creating a directory that can manage all major systems (Mac, Windows, Linux), cloud and on-prem servers (e.g. AWS, GCP, internal data centers, etc.), networks (RADIUS-as-a-Service), data, applications (web and on-prem), and more through one central web platform. Through a unified cloud directory, admins have the ability to choose their solutions again.

Try Directory-as-a-Service for Free Today

Don’t stick with a directory that won’t fully move to the cloud even in the face of innovation, and insists on being stuck on-premises. If you want to learn more about how you can regain control over your IT infrastructure with a more flexible directory, drop us a note. We would be happy to talk you through the capabilities and solutions that a directory like DaaS can provide. Alternatively, feel free to try out our virtual cloud directory for yourself. Your first 10 users are free forever, with no credit card required, so there’s no reason not to give it a shot. Sign up for a free account here.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.