By Greg Keller Posted July 2, 2019
Many organizations are making the shift to Microsoft® Office 365®. Reasons include:
- Ability to move their email to the cloud
- Office suite of software
- Document sharing and storage
- Video conferencing
Microsoft is bundling a number of their products together beyond just their traditional Office suite to appeal to IT organizations. Those solutions are driving the mass adoption of Office 365. That adoption is causing a downstream problem for IT admins: how to manage identities.
In fact, many IT organizations are wondering if O365 can be their identity provider as well.
Office 365 as Identity Provider
There are a lot of good reasons that IT is looking to use Office 365 to provision and manage identities. If you are shifting your entire productivity platform to the cloud, you will want a lot more of your IT infrastructure to go with it.
Data centers are now being converted to cloud infrastructure platforms, for example, AWS. Furthermore, many on-prem applications (e.g. CRM, accounting, and internal chat) are making their way to SaaS-based applications hosted in the cloud.
When you move email, the Office suite, or another core IT platform to be cloud hosted, it seems logical that you’d like to do more with that platform.
Assumptions About O365 and Active Directory
Traditionally, email – Microsoft Exchange – has been hosted on-prem and tightly aligned with the identity provider. Just about every person in an organization has email, so it made sense to closely tie it to Microsoft Active Directory.
AD and Exchange were a formidable combination on-prem and became the de facto monopoly for back-end infrastructure through the 2000s.
As Microsoft has shifted Exchange to be cloud-delivered, many IT admins are wondering how they should deal with the other half of the duo, Active Directory. There’s an assumption that O365 covers these capabilities or, at least, the Azure platform with their version of Active Directory, called Azure Active Directory, will solve the problem.
However, that’s not how Microsoft’s identity management strategy is designed.
Realities of Microsoft’s Identity Management Strategy
While there has been a shift to Office 365 for email and the productivity suite, Microsoft is still focused on having Active Directory be the core identity provider for organizations.
The reality is that AD will still have to federate identities to Azure AD, where it can control O365 and Azure-related services. So, while many IT admins will believe that they are making the leap to the cloud – unfortunately – they will still have one foot very much stuck in the on-prem world with Active Directory.
Expect More from an Active Directory Replacement Solution
The good news for IT organizations is that they don’t need to follow this strategy. There is a way for your organization to leverage O365 as your identity provider. Instead of tying your identity management strategy to AD, you completely move to the cloud with your identity management platform. Instead of Active Directory, you can leverage Directory-as-a-Service®, an Active Directory replacement solution.
Directory-as-a-Service seamlessly integrates with Office 365 to provision, de-provision, and sync identities. Your end users can leverage their Office 365 credentials to be those that they use on their laptop, with AWS servers, with on-prem applications such as OpenVPN or MySQL, for SaaS applications, and for WiFi authentication.
JumpCloud’s Directory-as-a-Service can effectively and easily allow you to leverage O365 as your identity provider to your end users.
JumpCloud Enables O365 as Your Identity Provider
With a cloud-based directory service tightly integrated with Office 365, you can completely make the jump to the cloud. No longer will you have to have one foot on-prem and one in the cloud. To learn more about how Directory-as-a-Service can support your identity management needs, drop us a note.
Finally, feel free to give our unified cloud directory as a try for yourself. Your first 10 users are free forever.