
The fight to own the back-end infrastructure and productivity solution for organizations is on, and Google and Microsoft are waging the war. Google Apps for Work’s suite has made tremendous headway over the last few years with over 6 million organizations using its service. Microsoft has made tremendous progress with Office 365 and Azure. Many organizations are moving from the on-premises Microsoft Exchange to O365. The battle is at a critical stage, and a key part of that battle is how to deal with directory services. To that end, organizations are grappling with whether Azure Active Directory or Google Apps Directory is the right choice.

Addressing On-Premises Systems

For cloud-forward organizations, directory services are a difficult problem to solve. On one hand, there is the move to the cloud with email and productivity applications. Both Google Apps and O365 solve this part of the equation. On the other hand, there is the question of how to manage on-premises systems. Neither Azure AD nor Google Apps can handle this aspect. So, organizations are left with a conundrum: where are identities centralized?

Traditionally, organizations have leveraged on-premises software such as Microsoft Active Directory or OpenLDAP to manage identities. Both pieces of software were developed in the 1990s and have since become stalwarts in the IT space. However, with the move to the cloud, these legacy directories are struggling to keep up with how organizations are working today. The email infrastructure is in the cloud. Applications are both in the cloud and on-premises. Systems are on-premises and in the cloud with Infrastructure-as-a-Service providers such as AWS. Users now have Macs and mobile devices rather than just Windows machines. Microsoft’s Active Directory and OpenLDAP struggle in this environment.

Limitations With Centralizing Identities

Azure AD is a potential path, but it is unfortunately constrained to Azure cloud and O365. There are further limitations that affect its ability to act as a centralized identity solution. Azure AD doesn’t solve the problem of authenticating and managing on-premises devices. Nor can it connect to IaaS infrastructure at AWS, Google Compute Engine, Softlayer, or elsewhere. Google Apps Directory fares just as poorly as a centralized identity solution, as it is more of a contact database and an authentication source for Google-based services, although some third-party applications can be connected via OAuth or SAML. Similar to Azure AD, Google Apps Directory does not solve the on-premises devices issue. Therefore, neither solution is a complete directory service. Their primary purpose is to function as a user management service for their particular applications.

An Agnostic Solution

To solve the entire directory services problem with cloud infrastructure, organizations should consider Directory-as-a-Service. A SaaS-based platform, DaaS is meant to connect to cloud-based infrastructure and applications, on-premises devices and legacy applications, networks, and more. The agnostic nature of Directory-as-a-Service enables organizations to use either Google Apps or O365 for their email and productivity solutions, yet centrally control user access and devices.

If you would like to learn more about how Azure AD and Google Apps Directory stack up against a true Directory-as-a-Service, drop us a note. Or feel free to give DaaS a try and connect it to your existing infrastructure.
