By Rajat Bhargava Posted March 18, 2017
It’s an interesting question to ponder – when is it right to use Active Directory®, now that we are deep into the cloud era?
Microsoft Active Directory was created for a completely different time. With the massive changes in the IT landscape, many IT admins are wondering when it’s right to use Active Directory and when it doesn’t make sense. With the advent of Directory-as-a-Service®, an Active Directory replacement, there is finally a choice for IT admins.
Before diving into when to use AD in more modern times, we should step back and highlight where Active Directory came from as well as why it became the market share leader for on-prem directory services.
Pre-Cloud: When Microsoft Owned Directory Services
Microsoft Active Directory was released in 1999 and was likely in development for many years prior to that time. When it was conceived, LDAP was just emerging as a major authentication platform, IT networks were starting to emerge in a significant way as the Internet gained exposure, and, of course, the world was virtually 100% Microsoft Windows and on-prem. At the time, it made a great deal of sense for Microsoft to release a directory service. Their customers were asking for a solution to centralize the user management of Windows devices, applications, and systems.
Today, The Market Has Changed
The world is no longer Windows and on-prem. Windows is only one in five devices now (Forbes). Linux and macOS devices are far more prevalent in the enterprise today. IT admins are also shifting away from Microsoft Exchange for their email server in favor of G Suite and Microsoft Office 365. AWS is becoming the data center of choice, replacing data centers built internally and located on-prem. Organizations are also shifting to the web for their applications, which is changing the IT landscape as well.
For IT admins, the challenge then becomes how to work in a mixed environment. Let’s give a quick rundown of some of the issues IT is facing here:
- Active Directory struggles with a heterogeneous environment. Authenticating macOS and Linux systems is harder. Cloud servers hosted at AWS are more difficult to deal with.
- G Suite requires an intermediary server when Active Directory is involved. This solution is called Google Apps Directory Sync (GADS), but it is another server to manage.
- Web applications often require another third-party tool called a web application single sign-on solution.
- If you want multi-factor authentication, you will need yet another solution.
For these reasons and more, if you have a mixed-platform environment and you are shifting to the cloud, Active Directory turns out to be a very difficult solution to make work. This is why JumpCloud® created Directory-as-a-Service – to be a replacement for Active Directory that works in heterogeneous environments.
Knowing When to Use Active Directory
That isn’t to say there aren’t still instances today where Active Directory is the best fit for an organization. For instance, if you are still an on-prem and Windows-based organization, then you will want to take a look at AD. There are still a number of reasons why organizations need to stay on-prem, with one of the most significant being regulations. Financial services organizations and governmental entities often fall into this category. While there are fewer of these organizations today, they do still exist – and Active Directory can play an important role in their environment.
That said, if you’re a cloud-forward organization that includes Mac or Linux devices, then you would be doing yourself a disservice not to consider the Directory-as-a-Service alternative to Active Directory.
Active Directory Reimagined for the Cloud Era
If you are trying to figure out when to use Active Directory in the cloud era, drop us a note as we’d be happy to talk it through with you. Also, sign up for a free account to give our IDaaS platform a try. Your first 10 users are free forever.