Azure Hosted Domain Services Generally Available

Azure Active Directory (AAD) Domain Services delivers most of the on-premises Windows Server Active Directory (AD) functionality to Azure Virtual Machines (VMs) and services running in Azure. AAD Domain Services can remove the requirement for server applications to directly connect to an on-premises AD or deployment of AD domain controllers in Azure VMs. Although the service could simplify deployment of existing server-based applications in Azure, it will require ongoing usage fees.

AD-Compatible Directory as a Service

AAD is a scalable, multitenant, Microsoft-hosted identity and access management service. AAD Domain Services, which became generally available in Oct. 2016, is an extension of AAD to enable Azure hosting of applications that require full Domain Services functionality. For example, it could prove ideal for legacy departmental applications and could also benefit AAD deployments of older versions of SQL Server.

AAD Domain Services capabilities that are not offered by AAD include NT Lan Manager (NTLM) and Kerberos-based authentication, full support for AD domain join, Group Policy—based administration, and Lightweight Directory Access Protocol (LDAP) compatibility. In the past, organizations needing these kinds of capabilities have had two options in Azure: