Is Azure Active Directory replacement for Active Directory Domain Service? RRS feed

All replies

  • Answer is NO it is not the same or replacement.

    Azure AD is primarily an identity solution, designed for Internet-based users and applications using HTTP and HTTPS communications.
    - It has gone back to a flat file structure, ie no OU’s etc.
    - It does not use Group Policy or Group Policy Objects (GPO’s).
    - It cannot be queried with LDAP. Instead, it uses REST API’s over HTTP or HTTPS.
    - It doesn’t use Kerberos for authentication. Instead, it can use various HTTP and HTTPS protocols such as Security - Assertion Markup Language (SAML), WS-Federation and OpenID Connect for authentication (and OAuth for authorisation).
    - It includes Federated Services, which allows it to federate (i.e. form a trust relationship) not only with on-premise - AD DS, but also with other third party services (such as Facebook) for authentication purposes, giving users a single sign-on capability across multiple systems.

    If you find my reply helpful, please "Mark as Answer"

    Thursday, September 6, 2018 10:36 AM
  • Hi 

    Thanks for the response, as per the below modern device management...............I can see that by Azure AD..we can manage Windows 10

    that means can we eliminate AD DS in modern device management? 

    Wednesday, September 12, 2018 10:22 AM