
Cloud based identity with Azure Active Directory


An introduction to Azure Active Directory and comparison with on-premises Active Directory Domain Services.

Published in: Technology

  1. | Feature | WSADDS | AAD |
     | --- | --- | --- |
     | Security boundary | Forest | Tenant |
     | On-premises | Yes | No |
     | Multi-tenant | No | Yes |
     | Multi-master | Yes | No |
     | Object types | User, computer, ou, inetOrgPerson, groupPolicyContainer, serviceConnectionPoint, … | AlternativeSecurityId, Application, AssignedLicense, AssignedPlan, Contact, Device, DirectoryObject, DirectoryLinkChange, Group, KeyCredential, LicenseUnitsDetail, PasswordCredential, PasswordProfile, Permission, ProvisionedPlan, ProvisioningError, Role, RoleTemplate, ServicePlanInfo, ServicePrincipal, SubscribedSku, TenantDetail, User, VerifiedDomain |
     | Extensible Schema | Yes | Yes |
     | Protocols | RPC, ADSI, LDAP/LDAP-S, GC-LDAP | HTTP (Graph, OAuth, OpenID Connect, SAML, WS-*) |
     | API | Win32 | Graph (REST) |
     | Supports domain membership | Domain Join (secure channel) | Device registration |
     | Cross security boundary | Forest or Domain Trust | API Access |
     | Access Control | Access Control List (ACL) | Role Based Access Control (RBAC) |
  2. \* indicates a feature still in preview
  3. Connect and Sync on-premises directories with Azure. Azure AD Sync
  4. - Identity Synchronization with password hash sync: User attributes are synchronized using Identity Synchronization services, including a password hash. Authentication is completed against Azure Active Directory.
     - Identity Synchronization and AD FS: User attributes are synchronized using Identity Synchronization tools. Authentication is passed back through federation and completed against Windows Server Active Directory.