When we start to talk about Azure Active Directory with customers, we find there are a couple of common misconceptions. In this Azure Every Day installment, I’d like to shed some light on these.
People try to relate Azure AD to Active Directory on-premises, but the two do not line up directly. AD on-prem has a lot going on, like DNS and DHCP as well as identity management; AD on-prem is actually Active Directory Domain Services. Azure AD is a centralized identity management service for your cloud platforms.
Where the two do overlap is identity management. If you’re looking for a way to sync the two at the identity management level, we use Azure AD Connect, which is an easy way to do it.
Azure AD is not tied to one Azure subscription. When you get into Azure, you see everything within Azure is a resource within a subscription. For instance, if you set up a VM or a database, those are resources within a subscription.
Azure AD is the exception to that rule. One Azure AD can be used within multiple subscriptions. It’s your centralized repository for how you secure things in those databases, and in your Azure subscriptions as well.
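To check this relationship in practice, the sketch below groups subscriptions by the directory they trust and lists enabled subscriptions that sit outside the directory you expect. It is an added example, not part of the original post; the input is constructed sample data shaped like the output of `az account list --output json`, and every name and ID in it is a made-up placeholder.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `az account list --output json`
# (only the fields used here; all names and IDs are made-up placeholders).
SAMPLE_AZ_ACCOUNT_LIST = """
[
  {"name": "prod-apps", "id": "11111111-0000-0000-0000-000000000001",
   "tenantId": "aaaaaaaa-0000-0000-0000-00000000000a", "state": "Enabled"},
  {"name": "dev-sandbox", "id": "11111111-0000-0000-0000-000000000002",
   "tenantId": "aaaaaaaa-0000-0000-0000-00000000000a", "state": "Enabled"},
  {"name": "acquired-co", "id": "11111111-0000-0000-0000-000000000003",
   "tenantId": "bbbbbbbb-0000-0000-0000-00000000000b", "state": "Enabled"},
  {"name": "old-poc", "id": "11111111-0000-0000-0000-000000000004",
   "tenantId": "aaaaaaaa-0000-0000-0000-00000000000a", "state": "Disabled"}
]
"""


def subscriptions_by_tenant(az_json):
    """Group subscription names by the directory (tenant) each one trusts."""
    groups = defaultdict(list)
    for sub in json.loads(az_json):
        groups[sub["tenantId"].lower()].append(sub["name"])
    return {tenant: sorted(names) for tenant, names in groups.items()}


def outside_expected_tenant(az_json, expected_tenant_id):
    """Return enabled subscriptions that trust a directory other than the expected one."""
    expected = expected_tenant_id.lower()
    return sorted(
        sub["name"]
        for sub in json.loads(az_json)
        if sub.get("state") == "Enabled" and sub["tenantId"].lower() != expected
    )


if __name__ == "__main__":
    corp = "aaaaaaaa-0000-0000-0000-00000000000a"  # assumed corporate tenant ID
    for tenant, names in subscriptions_by_tenant(SAMPLE_AZ_ACCOUNT_LIST).items():
        print(tenant, "->", ", ".join(names))
    print("review:", outside_expected_tenant(SAMPLE_AZ_ACCOUNT_LIST, corp))
```

Several subscriptions listed under one tenant ID is the normal case described above; a subscription under a different tenant ID is secured by a different directory and deserves a closer look.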
I hope that cleared up some misconceptions. What are some things that Azure AD is good at that you don’t get with AD on-prem? For one thing, it’s a great centralized repository for federating identities. With Azure AD, you can store and secure your company’s accounts on services like Facebook, LinkedIn and Twitter. You can then use Azure AD to secure those logins, giving you one central place to provide access to those accounts and to remove access when people leave the company.
Some other security features you gain right out of the box are multi-factor authentication and self-service password setup.