Can you replace AD with Azure® AD? It’s a very common question for sysadmins and IT directors. With almost all of the IT environment moving to the cloud, there are a number of incentives to move the directory to the cloud too. Azure is Microsoft’s® foray into cloud-based directory services, and it’s reasonable to think that it could have all the capabilities of Active Directory® as the name implies. But the truth is more complicated than that.
Replace AD With Azure AD?
Can Azure AD actually be the complete replacement to AD that admins are looking for? Unfortunately, the short answer to this question is no. Azure AD is not a replacement for Active Directory. You don’t have to take our word for it though. Check out what a Microsoft representative said on this Spiceworks post.
Azure Active Directory is not designed to be the cloud version of Active Directory. It is not a domain controller or a directory in the cloud that will provide the exact same capabilities with AD. It actually provides many more capabilities in a different way.
That’s why there is no actual “migration” path from Active Directory to Azure Active Directory. You can synchronize your on-premises directories (Active Directory or other) to Azure Active Directory but not migrate your computer accounts, group policies, OU etc.
As you can see here Azure Active Directory is an identity and access management solution for hybrid or cloud-only implementations. It can extend the reach of your on-premises identities to any SaaS application hosted in any cloud. It can provide secure remote access to on-premises applications that you want to publish to external users. It can be the center of your cross-organization collaboration by providing access for your partners to your resources. It provides identity management to your consumer-facing application by using social identity providers. Cloud app discovery, Multi-Factor Authentication, protection of your identities in the cloud, reporting of Sign-ins from possibly infected devices, leaked credentials report, user behavioral analysis are a few additional things that we couldn’t even imagine with the traditional Active Directory on-premises.
Even the (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Jon Griffin. Read the original post at: https://jumpcloud.com/blog/can-replace-ad-azure-ad/