Windows Azure Active Directory (“WAAD”) is a cloud extension of Windows Server AD. WAAD offers its users a highly scalable, highly available, enterprise-grade identity management solution with integrated disaster recovery.
The WAAD service differs from the rest of the Azure services in that it is free.
Companies already have AD – why take identity management from the cloud?
WAAD is designed to meet the requirements of modern SaaS solutions. The world has changed. For example, in traditional AD we have an “organization” that contains “groups” that contain “people”. This rigid hierarchy is not flexible enough to describe the workings of an organization in the multidimensional world of today.
In addition to this change in world view, many organizations now use external cloud services: Salesforce, Yammer, Skype, Dropbox, etc. These external services are not connected to the on-premises AD, and thus they threaten the organization’s ability to effectively manage user privileges and identities.
What does WAAD offer your organization?
- The ability to centralize identity management in your organization
- The ability to offer your employees a Single Sign-On capability even to services outside your organization
- WAAD is highly scalable and highly available, and your organization doesn’t have to maintain related infrastructure or worry about disaster recovery
- All development related to identity management in your organization gets easier, since WAAD utilizes standardized REST and OData protocols
- You can still keep your sensitive data in your on-premises AD, even if you use WAAD for external services
- Your IT department can manage users for all applications from one location
- If required, you can easily use identity providers from Google / Facebook / Microsoft (for example, in extranet situations)
- Your IT department can manage WAAD with well-known PowerShell scripts
- If you already have Office 365 / Windows Intune Online accounts, you already have a WAAD account as well
- In some situations you can get rid of maintaining your own AD altogether