Is there such a thing as a cloud-only Active Directory®? Well, the quick and easy answer is no, at least not from Microsoft®. But the concept of a cloud directory is very much alive and well, and available, albeit with an interesting twist: there are no Mac® or Linux® restrictions like there are with on-prem AD. This modern approach to the concept of an identity provider is actually replacing the on-prem directory service for IT organizations around the world.
Setting the Record Straight
Many have theorized that Azure® Active Directory is the cloud version of Active Directory. Unfortunately, that isn’t true, even from the standpoint of a Microsoft representative. It doesn’t take Microsoft telling us that Azure AD isn’t a replacement for AD to understand their strategy, however. Active Directory (MAD or AD) has been at the core of IT organizations for almost twenty years now. As a steel thread in the network, MAD has effectively been tying organizations back to Microsoft Windows®.
Now, as the IT network shifts away from Windows, Microsoft has had to shift their strategy as well. That shift has led to Azure, where Office 365™ and IaaS are the dominant solutions. With this shift to the cloud, Microsoft needed a way to maintain their ability to control user access. They knew that Active Directory struggled with non-Windows IT resources and anything off-prem. The result was that they created Azure Active Directory, which really focused on being a complement to on-prem AD for Azure infrastructure and services, Office 365, and web applications. It wasn’t meant to be a replacement for AD or to manage user access to on-prem systems (e.g. Mac and Linux machines), third-party infrastructure like AWS® or GCP™, and on-prem applications and networks. This is why Microsoft views Azure AD as a complement to AD rather than a replacement for it.
So, the result is that there isn’t really a cloud only Active Directory approach from Microsoft that eliminates an on-prem identity provider. But, the good news is that there (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/cloud-only-active-directory/