
Azure AD for Remote Users




Most organizations today allow users to work remotely. Why? Well, among many work/life-related benefits, there’s less need to commute to the office as more organizations favor cloud-based infrastructure over on-prem. But, regardless of whether users work from home or at the office, their IT resources still need to be managed. Not doing so could lead to the loss or unauthorized alteration of data, not to mention a slew of help tickets.

In an effort to avoid those complications, IT admins are wondering if they can use Azure® Active Directory® (AAD) for remote users while forgoing Active Directory (AD) on-prem.

Azure AD Applications

Azure AD is the user management system for Azure and Office 365, so giving remote users access to those resources is definitely within its purview. Further, AAD can connect users to select web applications, as well as provide authentication services for Windows® 10 devices.

As long as your remote users only use Office 365, Windows 10 devices, and any of the web applications AAD connects to, AAD may suit your needs. Otherwise, you may end up needing an alternative to Azure AD to gain full management capabilities over remote users’ IT resources.

Azure AD Limitations

While not really its intended architecture, Azure AD can be used as the sole IdP for organizations leveraging Windows systems and Office 365. But without on-prem Active Directory, admins don’t have GPO management capabilities over their on-prem Windows systems or authentication control over on-prem applications.

If your organization uses macOS®, Linux®, AWS®, G Suite™, Google Cloud Platform™ (GCP), or on-prem applications, Azure AD may present a few problems. It performs best in a Windows-centric environment, so you will likely need third-party solutions to manage systems outside that domain. 

For those non-Windows systems, AAD offers some single sign-on (SSO) capabilities over specific web applications. Managing cloud-based infrastructure like AWS/GCP is outside its scope, however. Management of user access for WiFi and VPN infrastructures also requires additional solutions when you’re not pairing AAD with AD.

The result is that AAD is just one component in an overall Windows-centric system meant to manage remote users and their systems. To get as much as you can out of it for remote users, you’ll need to assemble the complete (and expensive, on-prem) AD package.

Alternatives for Remote Users

For organizations that want to manage Windows and non-Windows systems and web applications, and to authenticate users natively through a wide range of protocols, Directory-as-a-Service® (DaaS) may be a better fit. It’s a cloud-based directory service that can be used for remote users on any system. It doesn’t matter whether users work on Windows, macOS, or Linux devices; you can manage their IT resources without needing third-party tools.

To experience why DaaS may be better for remote users, schedule a demo or test it out for free. Your first ten users are free for life.

