
AD DS is the traditional deployment of Windows Server-based Active Directory on a
physical or virtual server. Although AD DS is commonly considered to be primarily a
directory service, it is only one component of the Windows Active Directory suite of
technologies, which also includes Active Directory Certificate Services (AD CS), Active
Directory Lightweight Directory Services (AD LDS), Active Directory Federation
Services (AD FS), and Active Directory Rights Management Services (AD RMS).
Although you can deploy and manage AD DS in Azure virtual machines, it is
recommended that you use Azure AD instead, unless you are targeting IaaS workloads
that depend on AD DS specifically.

Azure Active Directory is different


Although Azure AD has many similarities to AD DS, there are also many differences. It
is important to realize that using Azure AD is different from deploying an Active
Directory domain controller on an Azure virtual machine and adding it to your
on-premises domain. Here are some characteristics of Azure AD that make it different.

• Identity solution. Azure AD is primarily an identity solution, and it is
  designed for Internet-based applications by using HTTP and HTTPS
  communications.
• REST API Querying. Because Azure AD is HTTP/HTTPS based, it cannot
  be queried through LDAP. Instead, Azure AD uses the REST API over
  HTTP and HTTPS.
• Communication Protocols. Because Azure AD is HTTP/HTTPS based, it
  does not use Kerberos authentication. Instead, it uses HTTP and HTTPS
  protocols such as SAML, WS-Federation, and OpenID Connect for
  authentication (and OAuth for authorization).
• Federation Services. Azure AD includes federation services, and many
  third-party services (such as Facebook).
• Flat structure. Azure AD users and groups are created in a flat structure,
  and there are no Organizational Units (OUs) or Group Policy Objects
  (GPOs).

Note

Azure AD is a managed service. You only manage the users, groups, and policies.
Deploying AD DS with virtual machines using Azure means that you manage the
deployment, configuration, virtual machines, patching, and other backend tasks.
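
The REST-based querying described in the list above, as an added example that is not part of the original page: a directory lookup made over HTTPS with an OAuth 2.0 bearer token instead of an LDAP search, with paging restricted to the same host so the token is never sent elsewhere. It assumes Microsoft Graph v1.0 as the REST endpoint (the page says only "the REST API") and a token obtained separately; the user records, token value and `fake_get` transport are constructed for illustration.

```python
import json
import urllib.request
from urllib.parse import quote, urlencode, urlparse

GRAPH_HOST = "graph.microsoft.com"  # assumption: Microsoft Graph serves the directory data

def users_url(filter_expr, select=("id", "displayName", "userPrincipalName")):
    # Unlike an LDAP search there is no base DN or OU scope: the directory is
    # flat, so the query is expressed purely as attribute filters.
    query = urlencode({"$filter": filter_expr, "$select": ",".join(select)},
                      quote_via=quote, safe="$,()'")
    return f"https://{GRAPH_HOST}/v1.0/users?{query}"

def https_get(url, token):
    # Real transport: HTTPS GET with an OAuth 2.0 bearer token (no LDAP bind, no Kerberos).
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def list_users(filter_expr, token, get=https_get):
    # Collect every page of results by following @odata.nextLink.
    url, users = users_url(filter_expr), []
    while url:
        parts = urlparse(url)
        # Only follow links that stay on the Graph host over TLS.
        if parts.scheme != "https" or parts.netloc != GRAPH_HOST:
            raise ValueError(f"refusing to send token to {url!r}")
        page = get(url, token)
        users.extend(page.get("value", []))
        url = page.get("@odata.nextLink")
    return users

# Constructed two-page response standing in for the live service.
_PAGE2 = f"https://{GRAPH_HOST}/v1.0/users?$skiptoken=CONSTRUCTED"
_PAGES = {
    users_url("startswith(displayName,'A')"): {
        "value": [{"id": "1", "displayName": "Adele", "userPrincipalName": "adele@contoso.example"}],
        "@odata.nextLink": _PAGE2},
    _PAGE2: {"value": [{"id": "2", "displayName": "Alex", "userPrincipalName": "alex@contoso.example"}]},
}

def fake_get(url, token):
    # Offline transport for the demo; ignores the token and serves the constructed pages.
    return _PAGES[url]

if __name__ == "__main__":
    for u in list_users("startswith(displayName,'A')", "CONSTRUCTED-TOKEN", get=fake_get):
        print(u["userPrincipalName"])
```

Dropping the `get=fake_get` argument makes the same call go to the live endpoint through `https_get`.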
