Microsoft Charging Forward with Azure Active Directory Capabilities
The software giant continues to focus on building out its Active Directory IDaaS offering
September 26, 2014
Microsoft's Active Directory team continues to enhance its massive Azure Active Directory service at a breakneck pace, underscoring their commitment to the Azure cloud side of the ubiquitous Active Directory Domain Services (aka Windows Server Active Directory).
I had an inkling of what was to come over a year ago. I was talking with a senior Azure AD PM at the 2013 Cloud Identity Summit, reflecting on my April article about Azure AD reaching GA in which I warned that the basic capabilities of this new Azure service were just a harbinger of things to come. He told me, "Just you wait."
One year later in July, I gave a presentation at the 2014 conference about this much matured service, entitled "Azure AD: The Future Of Microsoft Identity". In it I presented several points:
Azure is Microsoft's future. Anyone that's paid any attention to Microsoft's announcements in the last year has noticed how they are driving strongly towards the cloud, at the expense of on-premises solutions. Microsoft is moving both its products - and indeed its own internal IT - to the Azure cloud as quickly as practicalities permit.
Azure is big. It's really big. Seriously, it's hard to comprehend just how big it really is. (Apologies to Douglas Adams.) In July of last year, then-CEO Steve Ballmer stated that Azure data centers held "comfortably over a million physical servers." Last year, Azure server purchases accounted for 17% of all server purchases worldwide. And Azure is only getting bigger. In May of 2013, Global Foundation Services general manager Christian Belady stated that his division was performing data center build-outs "at a scale no one has ever seen before". At Tech Ed North America in June, Technical Fellow (and now Azure CTO) Mark Russinovich stated that Microsoft's plan was to double Azure's capacity in 2015…and double it again in 2016. Can you even wrap your head around how big that is?
Azure AD is at the center of Azure. As Active Directory director of program management Alex Simons puts it, "identity is the control plane" upon which cloud services depend. And for Azure, this control plane is Azure Active Directory.
Microsoft is not content to let Azure AD be just a "lowest common denominator" solution. A long-recognized Microsoft product pattern is to provide basic capabilities, and allow a rich independent software vendor ecosystem to enhance these capabilities with their own products. In contrast to this strategy, Simons has a team of 500 working on building out Azure AD with a competitive set of features to compete in the IDaaS (identity management as a service) market. 30 developers are working on machine learning-based reporting alone.
Promises are one thing, of course, and execution is another. You could fill a filing cabinet with Microsoft announcements and intentions that never saw the light of day. But let's take a look at Azure AD announcements over the last 3 months to rebut that critique:
7/23/2014: Azure Device Registration Service Preview. This allows you to do a Workplace Join in Azure AD, for hybrid environments.
7/28/2014: Azure AD Sync Beta 2. Adds selective sync, improved password reset & Exchange hybrid support to this DirSync successor.
8/4/2014: Azure AD Connect announcement. Azure AD Connect is an overall configuration tool to speed setup of AD FS and AADSync to Azure AD (only).
8/18/2014: Improvements to Cloud App Discovery. Cloud App Discovery is a hybrid service that tells you exactly what SaaS apps and popular websites your organization uses. It consists of an agent you push to your organization’s PCs, an Azure service that analyzes the resultant data, and a dashboard that shows you apps usage with a filtering ability.
8/20/2014: Suspend MFA on a Remembered Device. Once a device+browser has been authenticated with Azure multi-factor authentication, it can be remembered for up to 60 days.
9/3/2014: 50+ SaaS Apps and growing now support federation with Azure AD. This post highlights the number of major SaaS apps that support federation – and the fact that, still, only a tiny minority of the estimated 25,000 apps in existence support this secure single sign on standard. As the Azure AD team was building out its portfolio of SaaS applications supported with single sign on (via both federation and form fill) in the second quarter of this year, they were adding approximately 100 apps per week.
9/9/2014: GA of OpenID Connect and OAuth 2.0 support. Official support of these two cornerstone identity standards.
9/12/2014: Preview of Roles Based Access Control (RBAC) Service powered by Azure AD. RBAC is an important component of any distributed authorization system, so this is an important announcement.
9/15/2014: GA of Azure Active Directory Basic. A middle subscription tier targeted at large organizations that have deskless employees; I recently described it in more detail.
9/16/2014: GA of Azure Active Directory Sync. The day after Azure AD Basic went GA, so did Azure AD Sync.
9/18/2014: Simplified License Assignment with Azure AD and EMS. Azure AD now automatically assigns Premium, Basic, and Enterprise Management Suite (EMS) licenses to users when they’re added to a group.
That’s a lot of product announcements and enhancements. It sounds like Simons isn't finished yet, either. Yesterday, Gartner analyst Lydia Leong tweeted, "Recently listened to cloud plans from Cisco HP IBM Microsoft and Oracle. Microsoft exponentially more visionary, ambitious. Astoundingly so." Those are strong words. So hang on tight and stay tuned; I'll be tweeting or reporting on changes to Azure AD as they're announced.
Sean writes about cloud identity, Microsoft hybrid identity, and whatever else he finds interesting at his blog on Enterprise Identity and on Twitter at @shorinsean.