{"id":43669,"date":"2023-01-03T09:32:11","date_gmt":"2023-01-03T14:32:11","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=43669"},"modified":"2024-11-08T17:53:22","modified_gmt":"2024-11-08T22:53:22","slug":"azure-ad-total-cost-ownership","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership","title":{"rendered":"Total Cost of Ownership of Azure AD"},"content":{"rendered":"\n<p><em>Editor\u2019s Note: Given the fast-paced nature of technology, it is possible that some of the information presented in this article is out-of-date, or incomplete, in some fashion. The author periodically reviews and revises this article to ensure information contained within is as accurate as possible.<\/em><\/p>\n\n\n<hr>\n\n\n\n<p>Microsoft<sup>\u00ae<\/sup> Azure<sup>\u00ae<\/sup> is an umbrella for a variety of cloud services, including Azure Active Directory (AAD). On its face, Azure AD might <a href=\"https:\/\/jumpcloud.com\/blog\/better-alternative-active-directory\">seem like a replacement<\/a> for on-prem <a href=\"https:\/\/jumpcloud.com\/blog\/active-directory-faq\">Active Directory (AD)<\/a> or a cloud-based solution for organizations in need of a directory service, but more factors come into play for IT admins making purchasing decisions, including complicated SKUs and licensing. This article examines the total cost of ownership (TCO) of AAD for the type of configuration that a small and medium-sized enterprise (SME) would require for its identity management lifecycle.<br><br>AAD was created to extend on-prem AD identities to Azure in order to provide user management for Microsoft Office applications, and now single sign-on (SSO) for service providers (SP). It\u2019s available as a standalone product, but is also bundled with Microsoft 365 (M365) subscriptions. Microsoft has positioned AAD as the connective tissue within a broader identity and access management (IAM) ecosystem. That extends from users and devices to its security portfolio. Add-ons and integrations are almost inescapable, because AAD is very interwoven with those products. It\u2019s not even possible to implement Microsoft\u2019s <a href=\"https:\/\/jumpcloud.com\/blog\/azure-ad-best-practices\">best practices for AAD<\/a> without paying more.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading1\">A Codependent Approach<\/h2>\n\n\n\n<p>Significantly, Microsoft manages endpoints separately from identities even though experts recommend making <a href=\"https:\/\/jumpcloud.com\/blog\/2022-fal-con-event-recap\">identity the new perimeter<\/a> in cybersecurity. Device management (outside of AD) is only bundled with some of its premium M365 SKUs, but not AAD. Organizations that aren\u2019t using M365 will have to purchase a separate subscription to manage their devices.<\/p>\n\n\n\n<p>Microsoft\u2019s reference architecture suggests an array of Microsoft-based tools to fully leverage AAD, so even Microsoft-heavy IT shops will encounter more IT infrastructure and maintenance costs. You\u2019ll have limited administrative capabilities if you use AAD without on-prem AD, or aren\u2019t subscribed to premium tiers and add-on services. For example, you won\u2019t be able to employ the suite of group policy objects (GPOs) to on-prem Windows devices, and you\u2019ll struggle with authenticating local IT resources such as applications and file servers.&nbsp;<\/p>\n\n\n\n<p>AAD is also not an open directory, so working with external identities from other identity providers (IP) and connecting users to IT resources (RADIUS, LDAP) requires even more solutions. Some are cloud-based, but others expand its footprint on-premise, and are reliant on AD.<\/p>\n\n\n\n<div class=\"promotion-banner-small is-flex-direction-column has-items-aligned-flex-start has-items-aligned-center-tablet\">\n    <div class=\"promo-small-image is-hidden-mobile\">\n        <img decoding=\"async\" src=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/03\/large-202303-EB-Resource-BreakingUpWithAD-290x175-SiteDisplay-aspect-ratio-160-110.png\" alt=\"JumpCloud\">\n    <\/div>\n    <div class=\"promo-small-content\">\n        <p class=\"is-type-body-tiny is-type-weight-bold is-important promo-small-title\">\n            Breaking Up with Active Directory        <\/p>\n        <p class=\"is-type-body-default is-important\">\n            Don\u2019t let your directory hold you back. Learn why it\u2019s time to break up with AD.        <\/p>\n    <\/div>\n    <div class=\"promo-small-cta\">\n        <a href=\"https:\/\/jumpcloud.com\/resources\/ebook-breaking-up-with-active-directory\" data-promo=\"Breaking Up with Active Directory\" class=\"button is-primary-green promo-small-banner-link\">Read Now<\/a>\n    <\/div>\n<\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading2\">Costs of Azure Active Directory<\/h2>\n\n\n\n<p>To fully assess the TCO of Azure AD, it\u2019s necessary to account for tangential, but necessary, costs. Fortunately, we\u2019ve developed an equation to help you understand the TCO of AAD:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Costs of Azure Active Directory = Azure AD Premium Package + Add-Ons for device management + External Identities + Azure AD DS + Active Directory + LDAP Server + RADIUS Server + Integration\/Management Time for your implements<\/p>\n<\/blockquote>\n\n\n\n<p>Let\u2019s begin by assessing AAD\u2019s pricing and then branch outward to the other components.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Standalone Azure AD and M365<\/h3>\n\n\n\n<p>Standalone AAD has three SKUs:<\/p>\n\n\n\n<ul>\n<li><strong>AAD Free<\/strong> \u2013 AAD Free provides SSO to Microsoft apps and federation to other <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-saml\">SAML<\/a>\/<a href=\"https:\/\/jumpcloud.com\/blog\/saml-vs-openid\">OIDC<\/a> services. This version is feature-limited with no group management, limited MFA configurations, limits on directory objects per user, and various other restrictions.<\/li>\n\n\n\n<li><strong>Premium 1 (P1) \u2013 <\/strong>P1 introduces SSO sign-in page customizations, <a href=\"https:\/\/jumpcloud.com\/blog\/conditional-access-policies-examples\">conditional access <\/a>rules, role-based group assignments to applications, end-user self-service for passwords and MFA, additional cloud security, and options for authenticating users into local Windows apps.&nbsp;<\/li>\n\n\n\n<li><strong>Premium 2 (P2)<\/strong> \u2013 P2 adds risk-based identity protection, more self-service capabilities, as well as <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-identity-governance-and-administration-iga\">identity governance and administration<\/a> and compliance such as privileged access and entitlements management. Logging and reporting is also more comprehensive.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"167\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/1.png\" alt=\"Azure Ad pricing\" class=\"wp-image-73433\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/1-300x98.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"299\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/2.png\" alt=\"capabilities and use cases for Microsoft\" class=\"wp-image-73434\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/2.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/2-300x175.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Image credit: learn.microsoft.com<\/em><\/figcaption><\/figure>\n\n\n\n<p>M365 subscriptions also bundle AAD. It\u2019s not even possible to use M365 without AAD, which serves as its substrate for managing your users. Some admins encounter AAD through Office.<\/p>\n\n\n\n<p>Its directory features are gated off into multiple tiers:<\/p>\n\n\n\n<ul>\n<li><strong>M365 Business Premium<\/strong> \u2013 This includes device management and security services to protect identities.<\/li>\n\n\n\n<li><strong>M365 E1<\/strong> \u2013 Device management isn\u2019t included and AAD is limited.<\/li>\n\n\n\n<li><strong>M365 E3<\/strong> \u2013 This edition includes device management and AAD P1.<\/li>\n\n\n\n<li><strong>M365 E5<\/strong> \u2013 This edition includes device management and AAD P2.<\/li>\n\n\n\n<li><strong>M365 F3 <\/strong>\u2013 This edition includes device management and AAD P1.<\/li>\n\n\n\n<li><strong>Enterprise Mobility + Security (EMS) E3<\/strong> \u2013 This edition includes device management and AAD P1.<\/li>\n<\/ul>\n\n\n\n<p><strong>EMS E5 \u2013 <\/strong>This edition includes device management and AAD P2.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"174\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/3.png\" alt=\"Microsoft 365 pricing\" class=\"wp-image-73435\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/3-300x102.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Image credit: Microsoft<\/em><\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Device Management<\/h3>\n\n\n\n<p>AAD sounds a lot like AD, but it <a href=\"https:\/\/jumpcloud.com\/blog\/can-i-replace-ad-with-azure-ad\">doesn\u2019t perform the same role<\/a>; for example, it won\u2019t manage your devices. Microsoft established its Intune product lineup to manage Android\/Chrome, Apple, Linux, and Windows endpoints. It uses AAD to manage identities, Configuration Manager (formerly SCCM), in addition to Windows Defender for security and Autopilot for onboarding Windows devices. Intune may be bundled with M365, depending upon your subscription level. However, <a href=\"https:\/\/jumpcloud.com\/blog\/intune-pricing\">Intune is not included with AAD P1 or P2<\/a>, and that omission will increase your monthly costs per user.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"292\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/4.png\" alt=\"compared pricing\" class=\"wp-image-73436\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/4-300x171.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"482\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/5.png\" alt=\"availability of Basic Mobility and Security and Intune\" class=\"wp-image-73437\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/5-300x282.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<p>Intune includes enterprise-grade features and can be a useful tool for compliance and managing non-Windows devices for organizations that have many remote workers. However, it also has documented <a href=\"https:\/\/jumpcloud.com\/blog\/comparing-jumpcloud-azure-ad-intune\">downsides<\/a>. SMEs that are accustomed to AD may be unfamiliar with its quirks:<\/p>\n\n\n\n<ul>\n<li>Unpredictable time spent importing the provisioning of devices, assigning profiles, and deploying apps.<\/li>\n\n\n\n<li>Simple mistakes can cause actions to fail, such as a Registry key requirement rule filtering out devices.<\/li>\n\n\n\n<li>Problems with assigning available licenses to new users.<\/li>\n\n\n\n<li>Configuration changes taking a long time to go into effect.<\/li>\n\n\n\n<li>Debugging events and sync logs requiring additional <a href=\"https:\/\/msendpointmgr.com\/intune-debug-toolkit\/\" target=\"_blank\" rel=\"noreferrer noopener\">third-party tooling<\/a>.<\/li>\n\n\n\n<li>Loss of internet connectivity causing Windows Autopilot to fail.<\/li>\n<\/ul>\n\n\n\n<p>The cost of learning, implementing, and supporting Intune is another TCO consideration.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Azure Active Directory Domain Services<\/h3>\n\n\n\n<p>Intune is not the only option for Microsoft shops. Azure Active Directory Domain Services (Azure AD DS) is billed as a domain controller-as-a-service for virtual machines and legacy applications. It\u2019s charged for the hour, and the price is based on the number of directory objects.<\/p>\n\n\n\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory-domain-services\/tutorial-create-management-vm\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Per Microsoft<\/a>, \u201cAzure AD DS provides a managed domain for your users, applications, and services to consume. This approach changes some of the available management tasks you can do, and what privileges you have within the managed domain.\u201d<\/p>\n\n\n\n<p>Azure AD DS differs from on-prem AD in a number of ways, including its lack of domain or enterprise administrator privileges. You also cannot add on-prem domain controllers to the managed domain.<\/p>\n\n\n\n<p>If you use AAD and Azure AD DS in conjunction with on-prem AD \u2014 which is necessary if you want full AD capabilities \u2014 you\u2019ll have to factor in the associated costs for that as well.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Managing External Identities<\/h3>\n\n\n\n<p>Microsoft Entra is necessary to manage external (non-Microsoft) identities and devices. There&#8217;s a charge for every single MFA authentication for non-Microsoft identities such as Google Workspace. In addition, AAD P1 or P2 licenses are necessary to work with external identities.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"130\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/6.png\" alt=\"compared pricing for identities\" class=\"wp-image-73438\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/6-300x76.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Complex Licensing<\/h2>\n\n\n\n<p>If you think that AAD is the right solution for your organization, you\u2019ll have to dig through the pricing and SKUs outlined above. It goes without saying that the pricing model is complicated, and non-system access needs may also obligate you to purchase more <a href=\"https:\/\/jumpcloud.com\/blog\/cals-client-access-licenses\">CALs<\/a>. You should begin by understanding your current situation. If you have a Microsoft Enterprise Agreement, Open Volume agreement, or are part of the Cloud Solutions Program, you will have a right to certain functionality (Basic and Premium depending upon your specific agreement).<\/p>\n\n\n\n<p>If your IT organization isn\u2019t a part of any of those programs, yet you\u2019ve purchased <a href=\"https:\/\/jumpcloud.com\/blog\/comparing-jumpcloud-azure-ad-intune\">Azure or M365<\/a>, you can purchase the right Premium Azure AD services. It\u2019s possible for SMEs to overspend on AAD or be upsold by a Microsoft partner due to the complexity of its licensing, so it\u2019s important to take the time to understand your requirements versus what you\u2019re paying for.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"307\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/7.png\" alt=\"reddit feed\" class=\"wp-image-73439\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/7-300x180.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Image credit: Reddit<\/em><\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading3\">Complicated Setup and Migrations<\/h2>\n\n\n\n<p>The breadth of potential configurations, critical need to understand <a href=\"https:\/\/jumpcloud.com\/blog\/azure-ad-best-practices#heading2\">security best practices<\/a>, and overall complexity can make adopting AAD a major initiative. Most SMEs aren\u2019t experts in Microsoft licensing and seek assistance for their implementations. For instance, AAD\u2019s default settings can place your users at risk of phishing attacks that can even bypass MFA. IT teams that are migrating from products such as <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-adfs\">AD FS<\/a> or have multiple domains in a forest will face some technical considerations that may be unclear and unfamiliar. Microsoft\u2019s <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/architecture\/reference-architectures\/identity\/azure-ad\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">guidance<\/a> states:<\/p>\n\n\n\n<p>\u201cIf you have multiple on-premises domains in a forest, we recommend storing and synchronizing information for the entire forest to a single Azure AD tenant. Filter information for identities that occur in more than one domain, so that each identity appears only once in Azure AD, rather than being duplicated. Duplication can lead to inconsistencies when data is synchronized. For more information, see the Topology section below.\u201d&nbsp;<\/p>\n\n\n\n<p>That can be significant work for an SME.<br><br>The realization that adopting AAD can be very cumbersome has given rise to a <a href=\"https:\/\/azure.microsoft.com\/en-us\/partners\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">cottage industry of consultants<\/a>, and many organizations purchase blocks of hours to support their deployments. In-house resources may not be enough. Factor implement costs into your TCO calculations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading4\">Cost of Active Directory<\/h2>\n\n\n\n<p>Active Directory represents a number of costs for organizations, including servers, software, and licensing. SMEs will also have to maintain a server room, which can add significant costs.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Servers: Domain Controllers<\/h3>\n\n\n\n<p>If you use Azure AD with on-prem AD, servers are an obvious cost. You either need to maintain a server room or spin up AD in a virtual environment, both of which must factor into the TCO of Azure AD. You need to budget for the costs of redundant servers, too, in case your primary domain controller (DC) fails. High availability (HA) is automatic whenever there\u2019s more than one DC. That makes it possible to shut down a server for maintenance without impacting your end users.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"456\" height=\"139\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/8.png\" alt=\"A task from an IT department\u2019s project to set up high availability\" class=\"wp-image-73440\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8.png 456w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/8-300x91.png 300w\" sizes=\"(max-width: 456px) 100vw, 456px\" \/><figcaption class=\"wp-element-caption\"><em>A task from an IT department\u2019s project to set up high availability<\/em><\/figcaption><\/figure>\n\n\n\n<p>Objects are automatically replicated throughout the server cluster and administration is more complex: e.g., add-on apps must be installed and updated on each DC. Adding additional servers to achieve HA may increase licensing, management, and other infrastructure costs.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Software: Windows Server<\/h3>\n\n\n\n<p>Beyond the cost of the servers themselves, you\u2019ll need to purchase the software to be installed on them. Since 2016, Windows Server licensing has been on a per <a href=\"https:\/\/techlibrary.hpe.com\/us\/en\/enterprise\/servers\/licensing\/index.aspx\" target=\"_blank\" rel=\"noreferrer noopener\">CPU core pricing structure<\/a>, rather than the previous per socketed CPU structure. Admins can purchase those licenses in 2- or 16-packs. You may need to stand up multiple servers for all of the required server roles.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Licensing: Client Access Licenses<\/h3>\n\n\n\n<p>Another important cost to consider is <a href=\"https:\/\/jumpcloud.com\/blog\/cals-client-access-licenses\">client access licenses (CALs)<\/a>, which you purchase based either on user count or device count. Core licensing has become <a href=\"https:\/\/jumpcloud.com\/blog\/microsoft-server-core-licensing-costs-more\">even more expensive<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"206\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/9.png\" alt=\"An example of new CALs being required without Software Assurance volume licensing\" class=\"wp-image-73441\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/9.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/9-300x121.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>An example of new CALs being required without Software Assurance volume licensing<\/em><\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Hardening AD for Security<\/h3>\n\n\n\n<p>It can take more than a work week to secure AD to <a href=\"https:\/\/jumpcloud.com\/blog\/active-directory-faq#heading7\">recommended best practices<\/a>. Maintaining AD alongside AAD could dramatically increase IT overhead and administrative costs.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"320\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/10.png\" alt=\"A statement of work to harden a domain controller\" class=\"wp-image-73442\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/10.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/10-300x188.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>A statement of work to harden a domain controller \u2014 the total cost was $6,485.95<\/em><\/figcaption><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Advanced Identity Lifecycle Management<\/h3>\n\n\n\n<p>AD isn\u2019t <a href=\"https:\/\/jumpcloud.com\/resources\/zero-trust-security\" target=\"_blank\" rel=\"noreferrer noopener\">Zero Trust<\/a> and identity lifecycle management is a manual process unless SMEs develop automations or use third-party solutions. That increases the risk that users may be over or under-provisioned, or that inactive accounts remain in use. Managing users in AD can be a disjointed, error-prone process. The risk of data exfiltration is higher with manual processes, which creates a financial risk as laws and regulations are treating violations more seriously. AAD\u2019s advanced identity management policies can extend AD and improve upon it, but only with P1, P2 subscriptions. Azure AD Connect is required to sync identities between AD and AAD.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Server Rooms<\/h3>\n\n\n\n<p>An accumulation of hardware, servers, and network equipment means you\u2019ll be spending more for your server room. Eventually, you\u2019ll require a more powerful core switch or better firewall. \u201cBetter\u201d translates to more expensive and potentially unplanned downtime on your network as well as new annual support costs, change management, and backups of your configurations.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"288\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/11.png\" alt=\"Support renewal costs for upgraded firewalls at a manufacturing company\" class=\"wp-image-73443\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/11.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/11-300x169.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Support renewal costs for upgraded firewalls at a manufacturing company<\/em><\/figcaption><\/figure>\n\n\n\n<p>Then, you\u2019ll have to establish physical security controls and ideally, fire suppression. An inert gas system requires sealing a room and having dedicated HVAC. Other solutions for special hazards, including in-rack fire suppression, are also costly. See here for an example:<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"299\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/12.png\" alt=\"Part of a quote for a server room\u2019s fire suppression upgrade\" class=\"wp-image-73444\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/12.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/12-300x175.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Part of a quote for a server room\u2019s fire suppression upgrade<\/em><\/figcaption><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Microsoft promises consolidation, but its solutions can be a wellspring of added administration.<\/p>\n<\/blockquote>\n\n\n\n<p>This next section explores non-systems requirements and challenges AAD creates for SSO.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading5\">LDAP Server<\/h2>\n\n\n\n<p>AAD and AD lack SSO to everything, especially the core protocols that network devices or Wi-Fi networks use. This can lead to identity silos and duplicate authentication flows. Microsoft promises consolidation, but its solutions can be a wellspring of added administration.<\/p>\n\n\n\n<p>If you aren\u2019t hosting all your server infrastructure in Azure, you\u2019ll also need to manage the associated identity management costs to manage user access to other cloud infrastructure providers such as AWS<sup>\u00ae<\/sup> and GCP. Some of these platforms offer their own managed Active Directory services, so you can potentially leverage those managed AD services, but you\u2019ll need to make sure that they can connect back to your other AD infrastructure and\/or with Azure. None of this work is easy, and it can add a great deal of fragility to your IAM environment.<br><br>Azure AD doesn\u2019t come with <a href=\"https:\/\/jumpcloud.com\/platform\/ldap\" target=\"_blank\" rel=\"noreferrer noopener\">cloud LDAP<\/a> functionality, so you\u2019ll need to maintain an LDAP server, as well as service on-prem LDAP applications and MFA solution, if required. Azure AD DS is also <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/active-directory\/fundamentals\/auth-ldap\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">required<\/a> to sync passwords and group memberships from Active Directory. Azure AD DS allows organizations to migrate legacy applications to Azure entirely, but that service represents an additional cost as well as the work around the migration of applications which is not an easy task in most instances.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"512\" height=\"319\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/01\/13.png\" alt=\"\" class=\"wp-image-73445\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/13.png 512w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/01\/13-300x187.png 300w\" sizes=\"(max-width: 512px) 100vw, 512px\" \/><figcaption class=\"wp-element-caption\"><em>Image credit: Microsoft<\/em><\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading6\">RADIUS Server<\/h2>\n\n\n\n<p>Azure AD does not come with <a href=\"https:\/\/jumpcloud.com\/platform\/cloud-radius\">cloud RADIUS functionality<\/a> either. Instead, you\u2019ll need to spin up a RADIUS server, use the NPS server role or another cloud service to have the capability of managing Wi-Fi and VPN access. You\u2019ll also require a secondary authentication method. JumpCloud makes it possible to leverage AAD credentials for <a href=\"https:\/\/jumpcloud.com\/blog\/what-is-delegated-authentication\">delegated authentication<\/a>. Many network devices use RADIUS for authentication, and the lack of support makes initiatives such as compliances more difficult. Auditors often want devices, down to switches, protected by MFA.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"heading7\">Vendor Lock-In<\/h2>\n\n\n\n<p>This level of platform integration may be beneficial for \u201call Microsoft and Azure\u201d organizations. However, the lack of interoperability through an open directory and continued reliance on AD adds costs, complexity, and administrative overhead. That level of monoculture and high dependence on a single vendor makes it more difficult to adopt \u201cbest-of-breed\u201d solutions.<\/p>\n\n\n\n<p>With the changing IT landscape, the good news is that IT organizations are leveraging a wider range of platforms. This requires a different set of IT management tools, and specifically, it involves the core identity provider. Using Azure AD encourages the use of Azure throughout your entire environment. AAD, like AD, obligates the use of Microsoft infrastructure and services\/applications. This strategy has been successful for Microsoft in the past, and the company is employing it again to work to lock-in customers into Microsoft platforms.<br><br>Microsoft\u2019s promotion of IT consolidation has been successful from a sales perspective, but it doubles down on vendor lock-in. In contrast, an open directory platform provides <em>value<\/em> lock-in.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Evaluating Azure Active Directory<\/h2>\n\n\n\n<p>Azure AD might be the solution for a Microsoft shop that already has AD established and needs to extend their IT resource management to the cloud. However, organizations should assess their existing stack and whether Azure AD will address all their needs before making the purchase. Beyond Azure AD, organizations will likely need to purchase Intune for device management. Azure AD DS is also necessary to maintain Azure AD Connect (along with their on-prem AD instance), as well as RADIUS and LDAP instances and other add-ons. These all represent cost centers. Azure AD is not an all-in-one solution, but does meet certain use cases.<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\"\/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Compare JumpCloud against <a href=\"https:\/\/jumpcloud.com\/blog\/comparing-jumpcloud-azure-ad-intune\">Entra ID (Azure AD) and Intune<\/a><\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Resource to Calculate TCO<\/h2>\n\n\n\n<p>JumpCloud released a <a href=\"https:\/\/jumpcloud.com\/resources\/tco-calculation-guide\" target=\"_blank\" rel=\"noreferrer noopener\">TCO Guide<\/a> and <a href=\"https:\/\/jumpcloud.com\/blog\/how-to-use-jumpclouds-tco-calculator\">TCO Calculator<\/a> to help IT admins understand the complete costs of different solutions used in their environment. We also invite you to try <a href=\"https:\/\/console.jumpcloud.com\/signup\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud<\/a> for free. It may help extend AD in the way that your organization needs to adapt to change or meet compliance requirements without hassle. JumpCloud is&nbsp;<\/p>\n\n\n\n<p>JumpCloud\u2019s open directory platform delivers select features found in AAD, Entra, and Intune with an emphasis on what\u2019s best for SMEs. Those capabilities are available without gated licensing, tethering your team to legacy systems, or complicated workarounds. It\u2019s priced to enable workflows, versus charging more for advanced identity lifecycle management. JumpCloud enables <a href=\"https:\/\/jumpcloud.com\/use-cases\/it-unification\">IT unification<\/a>, as opposed to consolidating with a single vendor.<\/p>\n\n\n\n<p>Its benefits include:<\/p>\n\n\n\n<ul>\n<li>AAD and AD <a href=\"https:\/\/jumpcloud.com\/blog\/integrate-ad-jumpcloud#:~:text=Using%20a%20feature%20called%20Active,to%20extend%20the%20other's%20reach.\">integration<\/a> with group syncing<\/li>\n\n\n\n<li>The ability to import identities from your <a href=\"https:\/\/jumpcloud.com\/blog\/how-jumpclouds-hris-integration-works\">HR systems<\/a> at no additional cost<\/li>\n\n\n\n<li>Attribute-base groups that makes <a href=\"https:\/\/jumpcloud.com\/blog\/the-immediate-advantages-of-attribute-based-access-control\">suggested changes<\/a> and automate memberships<\/li>\n\n\n\n<li><a href=\"https:\/\/jumpcloud.com\/platform\/mdm\" target=\"_blank\" rel=\"noreferrer noopener\">Mobile Device Management<\/a> (MDM) and pre-built policies for Apple products, Android (soon), <a href=\"https:\/\/jumpcloud.com\/blog\/new-linux-security-policies-july-2022\">Linux<\/a>, and Windows endpoints<\/li>\n\n\n\n<li><a href=\"https:\/\/jumpcloud.com\/platform\/single-sign-on\" target=\"_blank\" rel=\"noreferrer noopener\">SSO to everything<\/a>, including integrated cloud <a href=\"https:\/\/jumpcloud.com\/platform\/cloud-radius\" target=\"_blank\" rel=\"noreferrer noopener\">RADIUS<\/a> and <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/using-jumpclouds-ldap-as-a-service1\" target=\"_blank\" rel=\"noreferrer noopener\">LDAP<\/a><\/li>\n\n\n\n<li>Environment-wide <a href=\"https:\/\/jumpcloud.com\/platform\/multi-factor-authentication-mfa\" target=\"_blank\" rel=\"noreferrer noopener\">Push MFA<\/a> and TOTP; certificate-based authentication (soon)<\/li>\n\n\n\n<li>Optional <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/Getting-Started-Conditional-Access-Policies\" target=\"_blank\" rel=\"noreferrer noopener\">conditional access policies<\/a> for privileged access management (PAM)<\/li>\n\n\n\n<li>Interoperability with <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/office-365-user-import-provisioning-and-sync1\" target=\"_blank\" rel=\"noreferrer noopener\">M365<\/a>, <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/g-suite-user-import-provisioning-and-sync1\" target=\"_blank\" rel=\"noreferrer noopener\">Google Workspace<\/a>, and <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/ConfiguringOktaDelegatedAuthority\" target=\"_blank\" rel=\"noreferrer noopener\">Okta<\/a><\/li>\n\n\n\n<li>Integrated, <a href=\"https:\/\/support.jumpcloud.com\/s\/article\/JumpCloud-Reports\" target=\"_blank\" rel=\"noreferrer noopener\">pre-built reporting<\/a> on directory and system activities<\/li>\n\n\n\n<li>Optional cross-OS <a href=\"https:\/\/jumpcloud.com\/platform\/patch-management\" target=\"_blank\" rel=\"noreferrer noopener\">patch management<\/a> and a decentralized password manager<\/li>\n<\/ul>\n\n\n\n<p>JumpCloud also offers a variety of <a href=\"https:\/\/jumpcloud.com\/professional-services\">Professional Services<\/a> to help ease the load your employees face.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>Software renewals come out of the capital expenditures (CAPEX) budget, which is a major long-term expenditure versus operating expenses (OPEX), the day-to-day operational budget. Accounting makes a distinction between software and services. Using services helps your organization to <a href=\"https:\/\/jumpcloud.com\/blog\/it-budgeting-strategies\">lower its income taxes <\/a>and free up cash. Services may make it easier to budget when you already know what the ongoing costs will be.<\/p>\n\n\n\n<p><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.<\/p>\n","protected":false},"author":150,"featured_media":43671,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"collection":[2778,2779],"platform":[],"funnel_stage":[3015],"coauthors":[2535],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Total Cost of Ownership of Azure AD - JumpCloud<\/title>\n<meta name=\"description\" content=\"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Total Cost of Ownership of Azure AD\" \/>\n<meta property=\"og:description\" content=\"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-01-03T14:32:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-11-08T22:53:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"780\" \/>\n\t<meta property=\"og:image:height\" content=\"520\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Worthington\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Worthington\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#article\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\"},\"author\":{\"name\":\"David Worthington\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\"},\"headline\":\"Total Cost of Ownership of Azure AD\",\"datePublished\":\"2023-01-03T14:32:11+00:00\",\"dateModified\":\"2024-11-08T22:53:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\"},\"wordCount\":3034,\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\",\"url\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\",\"name\":\"Total Cost of Ownership of Azure AD - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg\",\"datePublished\":\"2023-01-03T14:32:11+00:00\",\"dateModified\":\"2024-11-08T22:53:22+00:00\",\"description\":\"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg\",\"width\":780,\"height\":520},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Total Cost of Ownership of Azure AD\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e\",\"name\":\"David Worthington\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g\",\"caption\":\"David Worthington\"},\"description\":\"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.\",\"sameAs\":[\"https:\/\/jumpcloud.com\/blog\",\"david.worthington@jumpcloud.com\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Total Cost of Ownership of Azure AD - JumpCloud","description":"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership","og_locale":"en_US","og_type":"article","og_title":"Total Cost of Ownership of Azure AD","og_description":"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.","og_url":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership","og_site_name":"JumpCloud","article_published_time":"2023-01-03T14:32:11+00:00","article_modified_time":"2024-11-08T22:53:22+00:00","og_image":[{"width":780,"height":520,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg","type":"image\/jpeg"}],"author":"David Worthington","twitter_card":"summary_large_image","twitter_misc":{"Written by":"David Worthington","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#article","isPartOf":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership"},"author":{"name":"David Worthington","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e"},"headline":"Total Cost of Ownership of Azure AD","datePublished":"2023-01-03T14:32:11+00:00","dateModified":"2024-11-08T22:53:22+00:00","mainEntityOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership"},"wordCount":3034,"publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership","url":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership","name":"Total Cost of Ownership of Azure AD - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg","datePublished":"2023-01-03T14:32:11+00:00","dateModified":"2024-11-08T22:53:22+00:00","description":"Azure AD is a gateway to other Microsoft services and solutions. Implementation can be complicated and costly.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#primaryimage","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2020\/01\/azure-ad.jpg","width":780,"height":520},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/blog\/azure-ad-total-cost-ownership#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Total Cost of Ownership of Azure AD"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/185ca12034835ee50ee17b100abdfb2e","name":"David Worthington","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/person\/image\/d9acf1381c6e5b50c0f50d47b7b05411","url":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a6dde901b469c9005c22973e42038d62?s=96&d=mm&r=g","caption":"David Worthington"},"description":"I'm the JumpCloud Champion for Product, Security. JumpCloud and Microsoft certified, security analyst, a one-time tech journalist, and former IT director.","sameAs":["https:\/\/jumpcloud.com\/blog","david.worthington@jumpcloud.com"]}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43669"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/150"}],"replies":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/comments?post=43669"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43669\/revisions"}],"predecessor-version":[{"id":117285,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/posts\/43669\/revisions\/117285"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media\/43671"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=43669"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/categories?post=43669"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/tags?post=43669"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/collection?post=43669"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/platform?post=43669"},{"taxonomy":"funnel_stage","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/funnel_stage?post=43669"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=43669"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}