Is there a Difference Between Windows Server Active Directory and Azure AD
Is there any server administrator that has not heard of Active Directory?
I really doubt there is any experienced, working computer administrator who has not heard of Active Directory, even if they do not manage a Windows environment.
The first Active Directory betas from Microsoft appeared sometime in 1999, and it was officially released in Windows 2000 Server edition. Through the years many revisions and features have been added to extend functionality and improve administration of Active Directory domains.
For the most part, AD is an on-premises technology that organizations use to manage their users, computers, and networks.
What helps administrators manage their onsite Active Directory with the greatest of ease is group policies. The group policy feature allows almost any user and computer setting to be managed throughout an organization's network. Without a system such as Active Directory, managing a small to large network would simply be cost-prohibitive because of all the labor it would take to do so.
What’s Different in Azure Active Directory?
Windows Server Active Directory was designed around onsite networks, and it served organizations well for that purpose. However, as SaaS and web-based MDM (Mobile Device Management) systems started to gain in popularity, Microsoft introduced its cloud-based Azure Active Directory for these and other services.
Azure Active Directory was designed to support web-based services that use REST API interfaces and works with other Microsoft Cloud products such as Office 365.
Can We Use only Azure Active Directory?
Yes and No. For some organizations it is possible to use only Azure Active Directory. If you are using Office 365 with Exchange and do not need all the great group policies that Active Directory has to offer, you could use only Azure Active Directory. Your users and device management will all be in the cloud. However, many of the current management tools that are used for on-premises Active Directory cannot be used, and feature-wise Azure AD is still not as mature as an onsite AD installation. Most organizations start off by using the Azure or Office 365 portal to manage their tenants, but third-party tools are available, such as Cloud System Manager for Azure.
Can we use both Azure AD and Active Directory?
Absolutely. In the last few years Microsoft has released several tools to synchronize on-premises Active Directory domains to Azure AD. It is very possible that in the future Azure AD will have all the necessary features to completely replace an onsite AD network. But for now, you will need “Azure AD Connect.”
What is Azure AD Connect you ask?
Azure AD Connect allows easy migration of on-premises Active Directory to Azure AD.
Azure AD Connect will connect and synchronize your on-premises Active Directory to Azure AD on a scheduled basis, but a manual synchronization can also be done. Currently, not every AD object is synchronized between on-premises and the cloud. Local users are written to the cloud AD, but users created in Office 365 or Azure AD are not written back to the onsite AD.
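The scheduled and manual synchronization described above can be inspected and triggered from PowerShell. The following is an added example, not part of the original article; it assumes it is run in an elevated session on the server where Azure AD Connect is installed, which is where the ADSync module is available.

```powershell
# Added example: check the Azure AD Connect scheduler, then run a manual delta sync.
# Assumption: executed on the Azure AD Connect server itself.
Import-Module ADSync

$scheduler = Get-ADSyncScheduler

# Show the scheduled-sync settings: whether the scheduler is on, how often it
# runs, and when and how the next cycle will run.
$scheduler | Format-List SyncCycleEnabled, CurrentlyEffectiveSyncCycleInterval,
    NextSyncCycleStartTimeInUTC, NextSyncCyclePolicyType, StagingModeEnabled

if ($scheduler.StagingModeEnabled) {
    # A staging-mode server imports and synchronizes but does not export,
    # so nothing it processes is written to Azure AD.
    Write-Warning 'Staging mode is enabled: this server will not export changes to Azure AD.'
}

if ($scheduler.SyncCycleInProgress) {
    # Starting a second cycle while one is running fails, so do not try.
    Write-Warning 'A sync cycle is already in progress; not starting another one.'
}
else {
    # Delta picks up only changes since the last cycle.
    # Use -PolicyType Initial for a full synchronization instead.
    Start-ADSyncSyncCycle -PolicyType Delta

    # Poll until the scheduler reports that the cycle has finished.
    do {
        Start-Sleep -Seconds 10
    } while ((Get-ADSyncScheduler).SyncCycleInProgress)

    Write-Output 'Manual delta sync cycle finished.'
}
```

Restrict who can log on to this server and run these cmdlets, because the sync service account can write to both directories.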
For a list of the different features, check out this comparison of Azure subscription features.