What is Azure AD DS?

Written by George Lattimore on April 16, 2019

Share This Article

With so many IT functions moving to the cloud, IT admins are now looking at their infrastructure and wondering what is Azure® AD DS? How does it fit into the labyrinth of Azure server roles and product licenses Microsoft® is tying together? For those already leveraging Azure, Azure Active Directory® Domain Services (AD DS) can be an important concept to understand. Let’s take a look at Microsoft’s philosophy and strategy in the cloud and help clarify what is Azure AD DS in the process.

A Separate Domain in the Cloud

Microsoft has taken the concept of the domain controller from on-prem Active Directory and extended it to be within Azure as well. The idea with Azure AD DS is to create a domain within Azure that makes it easier to authenticate users to other Azure resources. There are essentially two ways that Azure AD DS can work: one, is to create a standalone Azure domain, and the other is to leverage the credentials from an on-prem Active Directory instance to the cloud in Azure AD. It’s important to note that the Azure AD domain is not an extension of the on-prem domain, but rather, it operates as a separate domain in the cloud.

For Microsoft-focused organizations with on-prem AD and Azure compute services, the concept of Azure AD DS can make a great deal of sense. The credentials of a Windows® user can effectively be extended to Azure via AD Connect. Further, IT admins don’t need to maintain the hardware and update software for Azure Active Directory Domain Services. The result for organizations that are virtually 100% Microsoft-based is that the idea of a cloud domain controller in Azure can make a great deal of sense.

The Problem for Mixed-Platform Environments

Mixed-platform environments

The challenge, however, is that for most organizations, a Microsoft-only solution simply isn’t practical, and won’t work across their office environment. Even in the infrastructure-as-a-service space, most organizations are leveraging AWS®, with Google Cloud Platform™ (GCP) emerging recently as another major player. On-prem macOS® and Linux® devices are becoming more and more prevalent, and then, of course, G Suite™ is often being leveraged as the productivity platform of choice.

The reality is that for mixed-platform environments, the concept of Azure AD DS doesn’t make much sense. Further, many IT admins are gravitating away from the complexity of leveraging a bunch of different solutions—Active Directory and AD Connect on-prem, Azure AD and Azure AD DS in the cloud, and then Intune or SCCM to manage systems—desiring simplicity and ease-of-use instead.

The Need for a Simple, Central Solution

To be clear, all of these Microsoft IT management solutions are excellent solutions in their own right, but IT organizations are often looking for a streamlined approach to their identity and access management (IAM). Identity and access management doesn’t need to operate as a cobweb of solutions for admins and MSPs to sort through. Ideally, in an increasingly complex office environment of platforms, web apps, WiFi, on-prem and cloud-based file servers, etc., there would be one IT management solution to centrally manage everything. Resources, users, networks, security, policies—the whole nine yards.

For those mixed-platform organizations especially, the concept of a neutral cloud directory service is often a better approach. Independent and protocol-driven, an ideal cloud directory could operate agnostically and altruistically without vendor lock-in or any bias to specific platforms, providers, or user locations. This is the vision of Directory-as-a-Service®, as the next generation cloud directory reimagines Active Directory for the modern era.

Learn More About What is Azure AD DS

If you’d like to understand more about what is Azure AD DS, and how JumpCloud® provides a vendor-neutral alternative for mixed-platform organizations, send us an email. A product expert will be happy to answer any questions you have. If you’re ready to explore the platform firsthand, sign up and dig in. The first 10 users you register can be managed free of charge, and all the features are there at your disposal.

George Lattimore

George is a writer at JumpCloud, a central source for authenticating, authorizing, and managing your IT infrastructure through the cloud. With a degree in Marketing and an MS in Public Communications and Technology, George enjoys writing about how the IT landscape is adapting to a diversified field of technology.

Continue Learning with our Newsletter