Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: July 23, 2020 (June 25, 2018)

  Charts & Illustrations

AAD DS Limitations Versus AD DS

My Atlas / Charts & Illustrations

259 wordsTime to read: 3 min
Wes Miller by
Wes Miller

Wes Miller analyzes and writes about Microsoft’s security, identity management, and systems management technologies. Before joining Directions on Microsoft, Wes... more

Azure Active Directory Domain Services (AAD DS) has limitations that an organization would not face if they relied on domain controllers running in Azure VMs or on-premises. This could make it harder to migrate some systems to Azure, and it prevents AAD DS from replacing Active Directory Domain Services (AD DS) on-premises. The accompanying chart shows some of the major differences between AAD DS and AD DS running in Azure VMs.

Capability Description AAD DS AD DS in VMs
AD domain/forest trusts Trust relationship possible between this directory and another directory or forest. No Yes
Custom Organizational Units (OUs) Create OUs to enable delegated management of user or computer accounts, groups, etc. Yes Yes
Domain authentication Authenticate to multiple corporate systems using AD domain credentials and the NTLM and Kerberos authentication protocols. Yes Yes
Domain join Join a Windows-based device

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now