Microsoft® Azure® is striving to rule the cloud infrastructure market. Despite the rise in Azure's popularity, however, many are curious about its user management tool, Azure Active Directory® (AD). It’s a bit unclear what the use cases for Azure AD are. Many IT organizations assume that Azure Active Directory is simply the cloud replacement for the on-prem Windows®-based directory service, Active Directory. Unfortunately, we know that isn’t true, which raises the question of how best to leverage Azure AD.
To understand the use cases for Azure AD, we need to step back and understand Microsoft’s overall strategy with identity management.
Microsoft Identity Management
Microsoft brilliantly created Active Directory in the late 1990s. AD would quickly become the dominant solution to manage user access within an organization. Microsoft promoted the concept of the domain, meaning domain-bound end users could simply log in to their Windows laptop or desktop and have access to anything on the Windows-based network.
This approach to domain services worked quite well until the IT network started to shift. macOS® and Linux® machines started to become more popular, web applications replaced on-prem solutions, data centers started to be replaced by AWS®, and more. IT organizations just weren’t cookie-cutter, homogeneous Windows environments anymore. The result was that AD started to struggle and lose its grip on controlling access to all IT resources.
Patching the Gaps with Azure AD
IT organizations started to purchase identity bridges, web application single sign-on (SSO), multi-factor authentication (MFA), and other solutions to compensate for what AD lacked in modern organizations. Microsoft, of course, was seeing the trends and started to focus more on cloud infrastructure with their Azure platform, along with Office 365™. As a result, Microsoft needed an identity platform for their cloud infrastructure, and decided to build Azure AD.
While the naming made it confusing, since most thought of Azure Active Directory as the successor to the on-prem AD, Azure AD was really a user management solution for Azure. Interestingly, though, they tacked on the capability to federate