Advantages of active directory domain services
The deployment of AADDS is relatively simple once you have your on-prem AD connected to AAD using Ad Connect.
![advantages of active directory domain services advantages of active directory domain services](https://www.intelecis.com/wp-content/blogs.dir/743/files/2018/08/domain-word-made-of-square-letter-word-on-wooden-b-2021-08-30-10-51-02-utc-300x201.jpg)
It all sounds wonderful, and it is in most cases. Here are some pros and cons. It integrates with Azure AD and, when synchronized with an on-premises AD DS environment, allows you to extend your on-prem identities to run in Azure as part of a lift-and-shift strategy. Here are some of the differences you need to keep in mind.ĭomain or Enterprise administrator privilegesĭomain authentication using NTLM and KerberosĪzure Active Directory Domain Services (AADDS)Īzure Active Directory Domain Services (Azure AD DS) provides a managed domain services with a subset of fully compatible traditional AD DS features such as domain join, group policy, LDAP, and Kerberos / NTLM authentication. Once that is known, you can now decide if you will use one of the two remaining options, namely AD or AADDS, you can use to support your workload. You need to know your apps and how they interact with AD. When "lifting and shifting" applications to the cloud, there are a lot of identity needs that may be required, do they use AD services? Does the workload need a service account managed by AD both on-prem and in IaaS? Does the workload need to Extend the AD schema? Does the application need access to an Application Partition in AD? However, AAD does not have capabilities like Group Policies or Application Containers or extensible schema, which is sometimes required by some workloads, among other capabilities. It supports web-based OAuth 2.0, SAML 2.0 and Open ID authentication frameworks.
![advantages of active directory domain services advantages of active directory domain services](https://www.okta.com/sites/default/files/styles/1640w_scaled/public/media/image/2020-12/Active-Directory-Tiers-Diagram.png)
AAD is our cloud-based identity solution that allows you to leverage users, groups, applications and security principal concepts. If you are moving to the cloud by subscribing to SaaS applications or rewriting existing applications using modern PaaS services, you’ll want to take advantage of Azure Active Directory (AAD). It's essential to understand the differences when you’re looking at a “lift-and-shift” scenario from on-prem to IaaS.
![advantages of active directory domain services advantages of active directory domain services](https://ars.els-cdn.com/content/image/3-s2.0-B9781597495783000049-f04-31-9781597495783.jpg)
I met with some customers last week, and we had a great conversation about Active Directory and the differences between all the flavours available to them when adopting a hybrid posture. This post has been republished via RSS it originally appeared at: New blog articles in Microsoft Tech Community.