By George Lattimore Posted February 21, 2019
With an IT landscape that is rapidly shifting and changing, many IT admins are rightfully asking when to use Azure® AD. Most are well aware that Microsoft® Active Directory® (MAD) has been the foundation of IT networks for almost twenty years, but does that make Azure Active Directory its cloud successor? Well, not exactly. Let’s take a closer look at where the need for Azure AD came from and when to use Azure AD in modern IT environments.
Azure AD Supplementary to Active Directory
First of all, we should clear up any misconceptions right out of the gate. Azure AD isn’t a replacement to Active Directory. Even according to this Microsoft representative, Azure AD is a complementary piece to the identity management puzzle for organizations. Why would Microsoft do it this way and not provide a direct cloud alternative? Well, it’s no secret that Windows® Servers have accrued billions in revenue, and Microsoft didn’t want to undercut their on-prem dominance. If they had released a direct cloud replacement, how would all their enterprise customers feel about their massive on-prem server investments?
With this in mind, it makes sense why many IT admins are confused about when to use Azure AD and when other solutions may be more helpful. In order to understand when and why Azure AD makes the most sense, we should step back to understand Microsoft’s preferred strategy and approach.
On-Prem Perimeter Breaks Down
Most organizations traditionally had Active Directory on-prem and they were able to manage their Windows-based systems, servers, and applications quite easily. The concept of the domain was an important construct and IT admins enjoyed the benefits of control through that. From this, end users were able to access whatever they needed once they logged into their Windows laptop or desktop.
However, that model started to break down as the IT networks shifted to cloud infrastructure (e.g. AWS®), web applications (e.g. Slack, GitHub, and Salesforce®), macOS® and Linux® systems, Samba file servers and NAS appliances for storage, and WiFi networks. All of these non-Windows resources were a struggle to connect to AD and encouraged organizations to search out other routes for access and security.
Building Over AD’s Roadblocks
The result was that IT organizations started to build on top of AD with add-ons such as identity bridges, privileged identity management, web application single sign-on (SSO), two-factor authentication (2FA), and other solutions. Microsoft soon became wary of this shift away from their platforms towards AWS, G Suite™, etc. To defend their stronghold, they built Azure and extended the concept of Active Directory to build a domain with their Azure infrastructure through Azure AD. IT admins that decided to shift to Azure rather than AWS, GCP, and others, could add-on to their on-prem Active Directory instances and extend their identities to Azure.
While this approach made a great deal of sense for all-Microsoft shops, it fell short for most modern organizations that were using Macs, Linux, and other non-Microsoft resources. The concept of Azure AD didn’t really help those that wanted to transition to a cloud directory service from AD, because Microsoft hadn’t designed it that way. What these organizations needed was to centrally and securely manage virtually any platform or provider with vendor-neutral cloud IAM.
Transitioning to a Flexible Cloud IAM Platform
For any organization that doesn’t fit Active Directory’s mold, or wants to avoid vendor lock-in for the next two decades, JumpCloud Directory-as-a-Service® provides identity and access management from the cloud. Independent of location, platform, provider, or protocol, JumpCloud is helping enterprises and organizations move their infrastructure to the cloud and leverage best-in-class technology.
If you’d like to hear more about when to use Azure AD, or how Jumpcloud can help your organization reach its full potential, drop us a note. Furthermore, signing up for Directory-as-a-Service is free, so feel get started exploring all the features and functionality the platform has to offer. Your first 10 users on the house, forever.