By Rajat Bhargava Posted October 20, 2016
That’s a little bit of a trick question.
If you are leveraging Microsoft Active Directory as your directory service on-prem, you are potentially going to need to spin up Azure Active Directory as well. Microsoft’s identity management strategy has been to leverage Active Directory for your on-prem resources and Azure Active Directory for your cloud-based resources hosted at Azure, which includes Office 365.
Basically, if you are moving to Office 365, Microsoft still wants to keep you on-prem with Active Directory.
That’s a significant challenge for organizations looking to make the jump to the cloud. The trick in asking how Office 365 can work with your existing directory service is that many of the organizations making the leap to O365 don’t actually leverage AD, OpenLDAP, or another on-prem directory service.
Q: How Can I Leverage Office 365 Credentials Beyond O365?
IT organizations that haven’t invested in a directory service quickly face the question, “How can I leverage my Office 365 credentials to be more than just access to O365?”
With virtually every user having O365 access, it makes sense to try to centralize around that platform. Unfortunately, you can’t leverage Azure Active Directory as your cloud-based directory service because it won’t authenticate your on-prem systems, applications, or networks. Furthermore, it won’t play nice with AWS, Google Compute Engine, Google Apps for Work, or other third-party platforms. However, the appeal of leveraging O365 as something more remains.
A: Unified Cloud Directory Service
For many IT organizations, the answer is Directory-as-a-Service® from JumpCloud. This cloud-based directory service seamlessly integrates with Office 365, Google Apps, AWS, Google Compute Engine, and Azure.
Flawless integration is achieved with on-prem systems, applications, and networks as well. It is an independent directory service that treats Mac, Windows, and Linux machines all as first-class citizens. IT resources can be on-prem, in the cloud, or anywhere else around the world, really. The SaaS-based directory service will handle those variances just fine. Add in multiple protocol support with LDAP, RADIUS, SAML, REST, and more, and suddenly this begins to look like the unified cloud directory to centrally manage all users and the IT resources that they need to access.
Bonus Round: Directory-as-a-Service Replaces Active Directory
If you don’t have a directory service, then Directory-as-a-Service could be a perfect complement to your move to Office 365. If you are already leveraging Active Directory, you understand the pain of having multiple systems in different locations. Seriously consider moving your entire infrastructure to the cloud via this Identity-as-a-Service platform. You will not only save yourself the headache of managing a hybrid cloud model, you will also break the Microsoft lock-in problem at the same time.
Drop us a note if we can help you think about how O365 can work with your existing directory service. If you don’t have one, we’d be happy to help you think through what you might need. In the meantime, feel free to give Directory-as-a-Service a try for yourself. Your first 10 users are free forever.