By Greg Keller Posted January 28, 2016
As more of the IT infrastructure moves to the cloud, one longtime on-premises piece of the IT landscape is looking to join the movement. Microsoft Active Directory has been a mainstay within organizations for over a decade and a half. It functions as an organization’s core identity provider, primarily connecting users to the Microsoft Windows-based resources that they need. The challenge for IT admins is, how do they leverage a hosted Active Directory solution that meets their new cloud-forward needs?
Inspecting IT Networks through One Window
IT networks have changed dramatically since AD emerged back in the late 1990s. At that time, organizations were almost exclusively based on the Windows operating system. What did that look like? Windows-based devices, such as laptops, desktops, and servers, were the norm. Applications were built for Windows clients and servers. The IT infrastructure was hosted behind the organization’s firewall. Microsoft AD was built during this era and fine-tuned to work well in Windows-based, behind-the-firewall environments. As networks have shifted to being heterogeneous, and there is no longer a perimeter, the core Active Directory solution breaks down.
Active Directory Just Clouds the View
As a result, IT organizations are looking for a cloud-based directory services solution. Often, the first impulse is to leverage a hosted AD approach. Why? By placing AD in the cloud, users can connect to AD despite being located all over the world. In addition, servers and other cloud-based devices can connect to AD. Historically, when AD has been hosted on-prem, networking challenges have limited its ability to connect to cloud infrastructure. Once the AD instance moves to the cloud, networking becomes easier, but then security poses a significant issue because AD wasn’t meant to live on the public Internet.
Microsoft, of course, is aware of these challenges and advises against placing the on-prem AD in the cloud. Instead, they recommend leveraging the the cloud-based Azure Active Directory solution. Azure AD has recently been introduced as a cloud-based directory service. Unfortunately for IT admins, Azure AD doesn’t function as a core user directory for all of their users and devices. Azure AD is meant to service Azure-related servers. As a result, a hosted Azure AD doesn’t connect users to on-prem systems or applications. It also doesn’t enable device management for all of the major platforms, including Mac and Linux.
Sunny Skies Ahead for Cloud-Based Directory-as-a-Service
There are alternatives to hosting Microsoft Active Directory in the cloud. A modern approach to cloud-based directory services is called Directory-as-a-Service. Known as DaaS, it services users with virtually any systems, cloud or on-prem applications, and WiFi networks. Unlike Azure AD, Directory-as-a-Service also seamlessly integrates with Google Apps. For cloud-forward organizations with heterogeneous environments, a cloud-based identity provider is a strong option.
If you would like to learn more about the advantages and disadvantages of a hosted Active Directory, drop us a note. We’d be happy to discuss why we believe Directory-as-a-Service is a better option for most organizations.