By Greg Keller. Posted September 19, 2016.
Many IT admins ask the question: do I need Microsoft Active Directory when I am moving to Office 365 if Azure Active Directory is present as well? While the answer can be complicated based on your needs, the simple answer is, “No.”
In fact, you don’t need to have Active Directory or Azure Active Directory when you are moving to the cloud-based productivity platform O365.
Office 365: The Bigger Picture
Let’s step back so we can understand the problem and the opportunity here. Many organizations have been leveraging on-prem Microsoft technology, including Exchange, Office, and AD. In fact, up until maybe the past five to seven years, most organizations were completely built on the Microsoft stack.
With the advent of Google Apps, AWS, Macs, and Linux, the modern organization looks quite different. In fact, many of these cloud-forward businesses may not have any Microsoft within their infrastructure. It’s a dramatic change from where organizations were a decade ago.
Regardless of whether or not they’re Microsoft-centric, many organizations are indeed choosing the Microsoft Office 365 platform. With hosted email and Office applications, it is a core platform with over 20 million users (source: Microsoft). As organizations move to the cloud with O365, they are faced with a cascading set of questions. Many of those questions have to do with how they will manage and implement user access control with O365. With Exchange effectively being traded out for O365, IT organizations wonder whether they need Active Directory. Then, once they venture down that path, they will often investigate whether Azure Active Directory could be an alternative to AD on-prem. That would allow them to completely move to the cloud and eliminate both Exchange and AD from their local infrastructure.
Three’s A Crowd: O365, On-Prem AD, Cloud-Based Azure Active Directory
Unfortunately, this is where it gets a bit more complicated. If you are an all-Microsoft shop – meaning you only have Windows machines, Azure, and Microsoft-based applications – then you probably will want to implement AD on-prem and Azure AD in the cloud. You will connect both to O365, and you will be able to manage your users and their O365 access, including single sign-on, from there.
If you have any non-Microsoft components in your architecture, you are going to struggle with leveraging AD or Azure AD. Among many other platforms and services, these non-Microsoft components could include AWS, Google Apps, Linux, or Macs.
Connecting those various systems to an on-prem Active Directory or the cloud-based Azure Active Directory is painful. You will face configuration, networking, and security challenges. O365 may help you move to the cloud, but taking that approach for directory services will not.
JumpCloud: Central Control and Unity Across Platforms
There is a better way to leverage O365 and the myriad cloud and SaaS solutions that your organization needs. That approach is to leverage a cross-platform cloud-hosted directory service. Rather than relying on a single vendor platform, simply leverage Directory-as-a-Service®.
This approach to the cloud directory treats Linux, Mac, and Windows devices all as first-class entities. Google Apps and Office 365 are both tightly integrated. Whether your servers are hosted at AWS, Azure, or Google Compute Engine, you will be able to centrally control them all. And, whether your employees and contractors are located at your offices or out in the field, you will be able to centrally control user access without the layers of overhead that come with VPNs.
Directory-as-a-Service is what Office 365 and Azure Active Directory should be together.
If you would like to learn more about how you can completely shift your organization to the cloud, drop us a note. You are invited to give JumpCloud a try with O365. Your first 10 users are free forever.