The ROI of Replacing Active Directory®

By Rajat Bhargava Posted November 2, 2016

There’s a strong movement to replace Microsoft Active Directory. While there are many reasons for this, one of the most important questions that IT organizations often ask is this: “What is the ROI for replacing Active Directory?”

It’s an interesting discussion to analyze what the cost is of Active Directory and what the cost is of choosing an Active Directory alternative. If you are interested in digging into this deeper, drop us a note. We have a calculator that can help you determine the costs of running Active Directory and comparing that to other directory services solutions.

The ROI is different for each organization and dependent upon their situation. We’d encourage anybody thinking seriously about their Active Directory costs to take a holistic view. Directory services touch a great deal of an organization’s IT infrastructure.

Software Costs

ROI for replacing active directory

Many people think that Active Directory is free. In fact, we hear that all of the time. Many folks believe that it’s included in their ELA. Or that since Active Directory is a part of Windows Server, they don’t pay for it. This is technically true. However, as we all know, nothing is free.

The real discussion here is whether you truly need to have a Microsoft ELA or whether you need to have Windows Server CALs or client CALs. We hear from many organizations that the only reason they have Windows Server CALs and client CALs is for AD. Remember, you need CALs for each user that is connecting to AD. That can add up rather quickly.

Third-Party Integrations 2016-07-22 12-42-05

We all know that Active Directory is focused on Windows user management. When you start to add in macOS, Linux, and other platforms, you are often stuck purchasing additional software. When you factor in solutions for controlling WiFi authentication via RADIUS or multi-factor authentication, you are quickly adding more components to your identity management architecture.

Hardware Costs


When you are hosting your own legacy directory service, you are responsible for the hardware. Often, AD is deployed at each major location. It also needs to run in a high-availability mode. User authentication is a 100% uptime solution. Not only do these hardware costs quickly add up, but the servers also need to be rotated on a regular basis to keep up with new software and scale.

Data Center / Networking Costs


On top of the hardware costs, you will need to factor in data center costs as well. These can start to add up because you are being charged for the hosting, networking, and backup services.

Maintenance and Management Costs

Perhaps one of the most significant costs in using Active Directory is the maintenance and management costs. AD requires dedicated resources to install, configure, and manage it. The IT organization is responsible for keeping the system operational. Additionally, IT is always in the middle of password resets, user account onboarding and offboarding, SSH key management, and more because AD has little end-user control functionality.

Opportunity Costs

By spending time on running your own Active Directory infrastructure, you are making a choice that this activity is more important than many others. When it is possible to outsource your directory services, the opportunity cost is high for an organization to run their own directory services infrastructure.

So What is The ROI for Replacing Active Directory?

While the dollar amounts for each organization will be different, the core question is still the same. What is the ROI for replacing Active Directory?

That question can create a comparison scenario when you have an alternative to Active Directory. That AD replacement is Directory-as-a-Service®. It is an independent, cloud-hosted directory service. Since the unified cloud directory works with Mac OS X, Linux, Google Apps, AWS, and more, it means that you have a single cloud identity management platform.


Further, the virtual identity provider is delivered as a SaaS-based service, dramatically reducing the level of effort that organizations need to expend. There is no hardware to purchase, software to manage, and infrastructure to run. In addition, the cloud directory services platform has deep end-user capabilities which let users solve many of their own problems without involving IT.

With the advent of Directory-as-a-Service, the ROI for replacing Active Directory is pretty high. Contact us to learn more about the benefits of replacing AD and how that translates into more efficient and cost-effective IT. Please give our Identity-as-a-Service platform a try for yourself. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.

Recent Posts