With tools like Azure AD Domain Services, Azure Active Directory and Windows Virtual Desktop, it’s now easier than ever to move your apps, processes and infrastructure into the cloud.
Here’s a look at Azure AD Domain Services (AADDS), which was released a few years ago but has now gained more widespread attention after the release of Windows Virtual Desktop.
What Is Azure AD Domain Services?
Azure AD Domain Services is the cloud variant of the standard Windows Domain Controller you’re most likely already familiar with. That means it’s a managed service for identity management with all of the resources you use being hosted on Azure. In comparison to the classic Windows Domain Controller there are just a couple of differences to take note of:
- No extendable schema
- No domain or forest trusts
- No Enterprise or Domain Admin privileges
Aside from that, it supports domain joining for VMs, group policy application, lightweight directory access protocol (LDAP) and Kerberos / NTLM authentication, which is compatible with Active Directory. Another of its core strengths is that it also makes lifting-and-shifting assets to Azure extremely easy.
Azure AD Domain Services Pricing
Just like Windows Virtual Desktop, which we have explored in a range of other posts, the Azure AD Domain Services pricing is certainly attractive. You only pay for what you use and there are no upfront costs at all.
There are three different packages, Standard, Enterprise and Premium. Each offers differing frequencies of backups, Auth loads and object counts. Technical support comes too for an extra price.
If you need more help figuring out which package to choose, or more help on Azure AD Domain Services pricing in general, make sure you consult the pricing calculator.
Moving to the Cloud: AADDS, WVD and ezeep
Organizations aren’t just moving to the cloud for the sake of it either – there are a couple of benefits to be had which we can summarize quickly.
- Efficiency. Move on-prem servers and apps into the cloud, reducing the maintenance, updates or security measures that need to be taken care of as a result.
- Scale. Increase your flexibility. Need more or less capacity? Everything can be fine-tuned on demand.
- Availability. Resources and applications that use authentication can be “lifted-and-shifted” to the cloud and made accessible to the workers that need them.
- Add-ons. Keep processes adaptable and level up with cloud-based partner integrations when needed.
Lots of videos online give great proof of how it can be achieved and how AADDS looks like in practice.
In the video above, AADDS is used in combination with WVD and FSLogix in Azure Files Storages accounts, documenting all the steps your will need to take. This includes setting up AADDS, in addition to setting up a custom WVD deployment that’s linked to AADDS.
Once partner integrations, like CloudJumper (for improved management) and ezeep (to connect your remaining on-premises printers to the cloud) are brought into the mix, a fully cloud-based environment becomes a viable alternative to classic 100% on-prem setups.