Can IDaaS Replace Active Directory®?

IDaaS vs Active Directory

Like many Windows® products, Microsoft® Active Directory® (MAD or AD) has dominated the IT industry for decades. In the modern era, however, innovations led by an overall shift of IT resources to the cloud have AD stuck between a rock and a hard place. A new generation of identity management solutions has risen to fill the gap between AD and the cloud, called Identity-as-a-Service (IDaaS). This meteoric rise has driven IT admins to wonder, can IDaaS replace Active Directory? Well, for most IDaaS solutions, the answer is no. Let’s explore IDaaS as a whole and see why.

What is IDaaS?

As previously mentioned, IDaaS solutions are the result of the general migration to the cloud. You may of also heard of them referred to as SSO (single sign-on) solutions. This is due to the fact that IDaaS solutions are utilized to connect users to the variety of web-based applications they may use in their day-to-day. Traditional IDaaS solutions are often layered on top of an on-prem directory services implementation, typically with Active Directory serving as the core identity provider (IdP). By using AD as their source of truth, IDaaS softwares can use a single identity to connect to those resources, hence the name single sign-on.

Can IDaaS Replace Active Directory®?

In most cases, IDaaS cannot replace Active Directory, but instead works in conjunction with it. As you dive deeper into IDaaS and Active Directory, you find that on top of the fact that you cannot replace AD with IDaaS, the two together don’t form a complete solution either. IDaaS solutions often struggle to connect users to their on-prem resources, and AD doesn’t work well with Mac® or Linux® users without extensive bridging software, requiring even more software to be tacked on to pick up the slack.

So, What Can Replace AD?

Stack Analysis is a next generation IT analyst firm that delved into the complex relationship between IDaaS and AD in a recent whitepaper. According to their research, cloud directory services can replace Active Directory, unlike first generation IDaaS. Cloud directory services is the (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 280 posts and counting.See all posts by zach-demeyer