Integrating Entra ID and Active Directory

• Organizations now have three options for integrating Entra ID with on-premises Active Directory.
• Each option has distinct benefits and limitations, but pass-through authentication offers the most flexible set of options.
• Active Directory Federation Services continues to be supported, but Microsoft’s development efforts are focused on more simplified hybrid identity integration options.

Three options exist for organizations to integrate Entra ID—Microsoft’s cloud-hosted identity and access management service—with Active Directory on-premises using Entra Connect Sync, a freely available utility from Microsoft. These integration options allow users to log on to both on-premises applications and hosted applications like Microsoft 365, Office 365, Azure, and Intune, using the same set of credentials used to access on-premises resources. Integration also enables an on-premises directory to control access to on-premises and off-premises applications, apply a consistent set of policies to address security concerns, and take advantage of security, reporting, and governance capabilities offered with paid tiers of Entra ID services.