By Greg Keller Posted October 3, 2016
Here’s a simple question: can you authenticate your user’s Windows laptops and desktops against Azure Active Directory?
Unfortunately, simple questions sometimes have complicated answers.
Microsoft’s marketing would have you believe that it is possible. Most IT admins would, at least, infer that it is possible, but the answer is that you cannot. Azure AD wasn’t designed to authenticate your on-prem devices regardless of whether those are Windows, Mac, or Linux.
Active Directory and Azure and Azure Active Directory
In truth, Azure AD wasn’t really created to be your core directory service. Active Directory is meant for that purpose. But as you know, Active Directory is for primarily Windows-based networks, and those systems should be located on-prem with the domain.
If you happen to use Azure, that’s when Azure AD comes in. AD federates its credentials to Azure AD which then controls the systems located at Azure. For those not using AD, you are out of luck. Or if all of your systems aren’t at Azure, you are out of luck as well. In fact, there really isn’t another way to authenticate your Windows devices in Microsoft’s model if you aren’t using AD.
Restriction-Free Authentication is Possible
Fortunately, there is an easier way to authenticate your Windows devices. For those of you shifting to the cloud and looking for a cloud-hosted directory service too, take a look at Directory-as-a-Service® from JumpCloud®. It solves the problem of authenticating your Windows machines regardless of where they are located. On-prem laptops and desktops can be authenticated as simply as Windows cloud servers hosted at Azure, AWS, or even your own data center. JumpCloud’s cloud directory doesn’t discriminate on location or platform. In fact, you get the same capabilities across your Mac and Linux machines.
Authenticating Across Platforms, Eliminating Active Directory
Directory-as-a-Service functions as your unified cloud directory for systems, applications, and networks. Whether you are leveraging Office 365, Google Apps, AWS, Azure, Windows, or Mac, all of those platforms are treated as first-class objects in the cloud directory service. Actually, you don’t need to have Active Directory anymore.
If you are thinking about how to authenticate your Windows devices against Azure Active Directory, you are most likely struggling with the limitations of either Azure AD or with your move to the cloud. You don’t need to place those limitations on your infrastructure. Take a look at JumpCloud’s Identity-as-a-Service platform to solve your Windows authentication issues. Please feel free to give it a try for yourself. Your first 10 users are free forever.