Azure Active Directory

[lumencreative]

I've spent today setting up a new network in our office. We've got Windows Server 2016 Essentials, and Windows 10 for all the PC's (6 in total). We currently use Office365 and have a Microsoft Azure account although we don't currently use this.

When setting up Windows Server, and connecting it to 'Microsoft Online Services' (for Office365 integration), I noticed it also configured integration with Azure Active Directory. Then, when I installed Windows 10 Pro on the first PC, it gave me the chance to add the PC to Azure Active Directory.

I'm just wondering, what's the benefit of using Azure Active Directory rather than the Active Directory on y Windows Server box?

(I have read a bit on the Microsoft website, but not really any the wiser).

 

[Throrik]

They're two different things - you can't use Azure AD in the same way that you would use traditional ADDS, you can't do things like OUs, Group Policies, Kerberos authentication etc - Azure is more like an identity management for internet based applications such as Office365.

You would use it for something such as SSO for your SaaS application, or for syncing users for authenticaiton with 365, but you couldn't have people logging on to their computers on a domain account without the traditional ADDS.

 

[Caged]

You can do an Azure AD domain join with a Windows 10 client, and then manage it through Intune. Granted you don't get as many options as you get with GPO.

If I had to manage Windows laptops and Enterprise licensing with DirectAccess wasn't an option then I would prefer to use Azure AD Join over a traditional domain join.