Is Azure Active Directory a replacement for Active Directory Domain Service?

All replies

  • The answer is NO, it is not the same or a replacement.

    Azure AD is primarily an identity solution, designed for Internet-based users and applications using HTTP and HTTPS communications.
    - It has gone back to a flat file structure, i.e. no OUs, etc.
    - It does not use Group Policy or Group Policy Objects (GPOs).
    - It cannot be queried with LDAP. Instead, it uses REST APIs over HTTP or HTTPS.
    - It doesn’t use Kerberos for authentication. Instead, it can use various HTTP and HTTPS protocols such as Security Assertion Markup Language (SAML), WS-Federation and OpenID Connect for authentication (and OAuth for authorisation).
    - It includes Federated Services, which allows it to federate (i.e. form a trust relationship) not only with on-premise AD DS, but also with other third-party services (such as Facebook) for authentication purposes, giving users a single sign-on capability across multiple systems.



    If you find my reply helpful, please "Mark as Answer"


    Thursday, September 6, 2018 10:36 AM
  • Hi 

    Thanks for the response. As per the link below, in modern device management, I can see that with Azure AD we can manage Windows 10.

    https://docs.microsoft.com/en-us/windows/client-management/manage-windows-10-in-your-organization-modern-management

    Does that mean we can eliminate AD DS in modern device management?

    Wednesday, September 12, 2018 10:22 AM