TCO of Active Directory® vs Directory-as-a-Service®

Written by Rajat Bhargava on December 20, 2016

Share This Article

As IT admins try to determine the right directory services solution for their organization – Microsoft Active Directory® or Directory-as-a-Service® – the topic inevitably turns to cost. Which cloud identity management platform is the best fit and most cost-effective solution for the organization?

Before we dive into the TCO of Active Directory vs Directory-as-a-Service, it is important to highlight why each solution is valuable to IT organizations.

Overview of Microsoft Active Directory  


Active Directory is the on-prem, legacy directory services solution. It is deeply connected to Microsoft Windows. It manages users as well as Windows devices and applications that are within the domain. AD is an excellent choice for predominantly Windows-based, on-prem organizations that don’t have plans to move to the cloud. As organizations move to the cloud and turn to different operating system platforms, Active Directory isn’t the right identity management solution.

Overview of JumpCloud Directory-as-a-Service

jumpcloud directory-as-a-service

Directory-as-a-Service has emerged as the market leader for cloud-forward organizations. It connects users to IT resources regardless of platform, protocol, provider, and location. It tightly integrates with G Suite and Office 365 and then manages Windows, MacOS, and Linux users and devices. On-prem and cloud applications are easily connected to the central identity provider. Cloud RADIUS helps secure the WiFi network. Directory-as-a-Service is the next generation of cloud directory services.

How to Determine TCO (Total Cost of Ownership)


When comparing the TCO of Active Directory vs Directory-as-a-Service, it is critical to understand the different delivery models. Active Directory is a self-managed, on-prem solution whereas the IDaaS solution known as Directory-as-a-Service is delivered as a SaaS-based service. The difference in model makes it easy to understand and compare. Ultimately, there are many tasks conducted by the SaaS delivered directory service that need to be handled internally.

Active Directory TCO Equation

The way easiest way to see the cost of Active Directory is with an equation:

Costs of Active Directory = servers + software + hosting + backup + security + monitoring + VPNs + IT admin + third-party SW + multi-factor authentication + governance

Each of these costs needs to be investigated and determined. The challenge for most IT organizations is that many of these costs are considered fixed.

With the move to the cloud, though, IT organizations need to look more critically at the costs of hosting, VPNs, monitoring, and security. These costs and others can be converted into variable costs, thereby reducing an IT organization’s overall cost structure.

If you would like more information on how these costs are tabulated, JumpCloud® can provide you with a helpful Active Directory ROI calculator.

Directory-as-a-Service TCO Equation

Since much of the work is handled for you, it is simpler to implement the Directory-as-a-Service solution. With DaaS, it is unnecessary to purchase and manage servers or software. Hosting, backups, security, and monitoring are all handled by the cloud identity management provider. There is no need for VPNs or third-party software. Also, MFA and governance capabilities are included.

So, what’s left? Just the monthly per user cost for the service and the time of the IT admin running the service.

Making a Decision

When you compare the TCO of Active Directory vs Directory-as-a-Service, it really becomes a decision of what your IT infrastructure looks like and which solution is the best fit for your organization. If you would like to learn more about directory services and the costs of running an identity provider, drop us a note. We’d be happy to share our ROI calculator and to help you find the best solution for your organization.

Continue Learning with our Newsletter