Active Directory Types: Difference between Active Directory Vs Azure Active Directory Vs Hybrid Azure AD and AAD DS

We know Active Directory (AD) installed on Windows server called Domain Controller which is on-premises Active Directory and Azure Active Directory (AAD) is on Microsoft Azure cloud supporting cloud application, did we have other Active Directory Types? Yes let me explain further

Types of Active Directory

Active Directory (AD):

As I said this is known to everyone and we called this on-premises AD (Active Directory), Domain Controllers in different locations supporting user authentication and its a centralized depository for all the resource like user/group/computer/printer and others resources, Domain Controllers are located locally on multiple geographical locations and authenticates users and computers in a Windows domain, Active Directory contains Forest/Domain/Tree.

To know more about Active Directory: Active Directory (AD) Real Time Interview Questions and Answers

Azure Active Directory (AAD)

Azure Active Directory (AAD) is identity service for cloud applications like Azure, office 365, Google Apps and many more third-party applications and its hosted on Microsoft Azure, unlike on-premises AD, Single sign-on (SSO) access for all your cloud applications which supports more than 2,800 pre-integrated SaaS (software as a service) applications and its only for Cloud and user can’t use their local Domain credentials, they have to use Azure AD credentials.

Also Read: Active Directory on Cloud

Hybrid Azure AD (Hybrid AAD)

If you are also having old applications which are till required on-premises Active Directory then Hybrid Azure AD is a solution for you and most of the organization using Hybrid Azure AD (Hybrid AAD) to support legacy and cloud applications

Also Read: Force Active Directory Sync through Azure AD Connect to Office 365/Azure with console and Powershell Commands

Basically, you will be having your Domain (on-premises Active Directory) and also having Azure Active Directory, identities been synchronized between on-premises AD and Azure AD using Azure AD Connect synchronized tool to make a single identity, so users can use same credentials to access your local Directory for legacy application and Cloud Directory to access Cloud application

Also Read: Understand how On-Premises Active Directory object get synchronized to Azure AD (Run Profiles Explained)

Azure Active Directory Domain Services (AAD DS)

Azure Active Directory Domain Services (AAD DS) is domain controller as a service from Microsoft Azure for virtual machines in Azure, you don’t have to install a Domain Controller, you can get domain controller as a service and no need to manage dedicated standalone Domain Controller as you have to patch the hardware and design with service redundancy without downtime time

Also Read: Can we Replace on-premise Domain Controller with Cloud-based Active Directory

It just synchronizes the data (users, groups, and passwords) from Azure Active Directory to makes it available for the virtual machines in an Azure platform

And we can’t Azure Active Directory Domain Services (AAD DS) as an Active Directory, why? Its Does not support many features of native on-premises Active Directory like replication, Domain Trust, Schema extensions, LDAP write, Certificate, managed service accounts and many more

Also Read: Visualized Active Directory without Physical Domain Controller

Also Read: Windows Server Administrator Interview Questions and Answers