The trend in modern IT is to move as much IT infrastructure to the cloud as possible. This means web applications, servers, and anything else that can be offloaded. As a result, many admins have started looking into the possibility of a cloud directory. Microsoft® has been promoting their Azure® Active Directory® (AAD) product a lot, and as a result many admins consider it to be the cloud version of Active Directory® (AD). But can Azure Active Directory truly function as a managed cloud directory? This is a common question for those looking at shifting their identity management infrastructure to the cloud, and the answer might not be what you expect.
Is Azure a Complete Managed Cloud Directory?
The simple answer to this question is no. A managed Azure Active Directory implementation is not a complete cloud directory, and it can not operate as a replacement to Active Directory. AAD is a core part of Microsoft’s strategy to shift their clients to the cloud, but the concept is more similar to being a user management system for Azure services and a web app SSO platform. This was confirmed by a Microsoft representative himself in a SpiceWorks thread.
The real architecture that Microsoft is pushing is an Active Directory installation on-prem, with Azure AD tacked on in the cloud. With this setup, as your Microsoft infrastructure shifts to Azure, your logins are seamlessly federated to Azure. This approach works well if you are going to be an all Microsoft organization. But if you aren’t, then this AD and Azure AD approach will be limiting to your organization.
Is There a True Managed Cloud Directory Option?
Active Directory and Azure AD aren’t really designed to work with a wide range of IT resources. This puts organizations that utilize Mac and Linux systems, cloud infrastructure from AWS or Google Cloud Platform, productivity solutions such as G Suite, or a wide range of other solutions such as WiFi, Samba file servers, or other IT resources in a very tough spot.
As a result, modern IT organizations are taking a (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/managed-cloud-directory-azure-active-directory/