Azure Active Directory – Your Questions Answered

Microsoft Azure is one of the largest cloud platforms in the world. Many businesses are taking advantage of cloud technologies to increase their efficiency and security. One of the ways businesses are doing this is by using cloud solutions like Azure Active Directory.

The cloud-based Azure Active Directory is replacing on-premises Active Directory. Let’s take a look at why businesses use Azure Active Directory. You’ll see how it works and how a Microsoft-certified managed Azure services provider like Carden IT can help.

The past

Active Directory is an identity solution: a database of users, computers and other entities that controls access to network resources. When new users and computers joined the network, they were added to Active Directory on the server.

When a user logged in, Active Directory would give the user access to the resources they were permitted to use. Users could also log in to any machine that was connected to the server. This is because the user was logging in to Active Directory on the server and not to an account on the local machine.

For decades, Microsoft Active Directory has existed on Microsoft servers built for and hosted in physical company offices. These are known as on-premises servers.

The present

Fast forward to today, and many companies still have on-premises servers and still use on-premises Active Directory. Each business can choose whether to run its Active Directory on premises or host it in the cloud.

The deciding factor is normally whether the business uses any applications that are not suitable for the cloud. However, if this is not the case for your business, then it no longer makes sense to use on-premises servers. This is due to cost but also the increased reliability and reduced maintenance of cloud services.

If your business is ready to move to the cloud, Carden IT Services can join your machines to the Azure Active Directory as part of our managed cloud services.

Wait. What is Azure Active Directory?

Azure Active Directory functions as a cloud replication of your on-premises Active Directory. It allows us to connect machines to the cloud for login purposes.

If you are a Carden IT Services customer, we will already be syncing your on-premises directory with Azure Active Directory. The Active Directory provides your Office 365 accounts and allows password synchronisation between your on-device and cloud accounts. In other words, changes are made on your servers, which will then sync to Azure. This process is known as ADSync.

The future

Nobody will disagree that the evolution of technology has been incredible over the last 10 years. Our lives can live in our pocket, and our data can live on the cloud. With internet connections becoming faster, it will become more feasible to run everything online. Azure Active Directory’s functionality will increase, and more machines will be connected to it rather than its on-premises alternatives.

Wave goodbye to local accounts!

Before the introduction of Office 365, companies tended to create local user accounts on individual machines, but this was far from a secure solution. A Microsoft engineer’s standard-issue USB drive could reset this in minutes. We do not recommend creating local accounts on devices if you are an Office 365 user. Instead, you should join your machine to Azure for increased efficiency and security!

What are Azure Active Directory’s advantages and disadvantages?

The Azure Active Directory service allows us to connect your machine directly to Office 365. Once connected, you will log directly into Office 365 without first logging into the local system or server. This means your machines will be more secure as Office 365 must confirm your identity before you are granted access to any of the files on your machine.

Machines using Azure Active Directory are harder to break into. This provides an extra layer of security if a device is lost, stolen or taken by a rogue employee. Corporate data can even be wiped from the machine remotely via the Office 365 admin portal. However, this increased level of security also requires you to use Microsoft Intune.

Azure Active Directory also has some disadvantages compared with an on-premises Active Directory. One such disadvantage is that Azure Active Directory has no group policy. An administrator can use Active Directory group policies to implement specific configurations for users and computers. Group policy is generally used as a security mechanism that allows you to apply security settings to many users and systems.

The lack of an Azure equivalent can be solved by using Microsoft Intune on top of Azure Active Directory. Our team provides expert Microsoft Intune support in addition to our Azure cloud services.

Single sign-on (SSO)

Single sign-on is as the name suggests: using a single sign-on for many services. Of course, Office 365 itself is a single sign-on to all your Microsoft Office applications (Outlook, SharePoint, Teams, etc.).

You may also find that providers of other applications will use the Office 365 platform to verify your login. This allows the same credentials you use in 365 to be used in third-party cloud apps. The entire login process is carried out securely, and implementing multi-factor authentication can add yet another layer of security.

Moving to Azure Active Directory

After you spend time consulting with one of our Azure experts, each machine will have to be disconnected from the on-premises directory and joined to Azure. This process creates new Windows profiles on each machine, which will need to be configured. Much of this configuration can be automated via the Azure Intune Portal if you are using Microsoft Intune.

We will always connect single machines to Azure first to test that the joined devices are working as expected. Following this, we will connect larger batches of machines. This ensures your business’s cloud migration process to the Azure environment is completed with minimal disruption. We can also help implement Azure Active Directory in hybrid cloud environments.

Through our IT support and consultancy services, we’ve helped businesses of all sizes to take advantage of the cloud. With our expertise, they’ve improved and streamlined their cybersecurity, data backups, disaster recovery and more. If you would like to hear more about our Azure managed services, speak to our team today.

Author: Dave King

Dave King is the Co-Founder and Director of Carden IT Services and the wider Carden IT Group. Dave has over 18 years’ experience in business IT networks with a focus on IT consultation and disaster recovery planning/testing.