What is Azure Active Directory Domain Services?
Key Features
Azure Active Directory’s connection with Office 365 products make it an easy choice for simplifying software and hardware access controls down to one user and one password. However, identity management is a dynamic, competitive field, and many providers offer unique approaches toward user lifecycle management, zero-trust policy enforcement, dashboards, auditing, and more.
Here are some of the key features that distinguish Azure AD:
- SSO: Eliminates the need to log in to an authenticator app in order to log in to the VPN to be able to log in to your email client. One set of credentials enables application access from any device or location.
- Administrative Configurability: SSO opens up the possibility for vulnerabilities, but the access controls can be tailored to administrative desires. Through the Azure Portal, admins can manage user access to applications, define hardware restrictions, enforce encryption standards, mandate specific Windows builds, and define security criteria upon which access is contingent.
- MFA: Couples traditional password protection with other means of establishing user identity, such as a security token on a USB drive or an authentication service on a cellphone, biometrics (usually in the form of a fingerprint), and sometimes proof of location such as a GPS signal or connection to a Wi-Fi network.
- Sync With Active Directory: Can connect with on-premises, legacy, or existing identity and access management servers.
- Mobile Device Management: Unlike Windows Active Directory, Azure Active Directory is designed for mobile and remote users and grants administrators high degrees of management over these devices.
- No Servers Necessary: Azure AD is offered on a cloud platform-as-a-service (PaaS) basis, eliminating needs for on-premises server configuration and maintenance and granting the high availability and redundancy expected from cloud services. Compared to traditional Active Directory, Azure AD alleviates the need for large amounts of resources.
Pricings
Azure Active Directory Domain Services usage is charged per hour, based on the SKU selected by the tenant owner. Azure AD DS is available in User Forest and Resource Forest. Note that a standard load balancer and IP will be deployed to run Azure AD Domain Services. Learn more about load balancer pricing.
| Standard | Enterprise | Premium | |
|---|---|---|---|
| AAD DS Core Service | |||
| Suggested Auth Load (peak, per hour)1 | 0 to 3,000 | 3,000 to 10,000 | 10,000 to 70,000 |
| Suggested Object Count2 | 0 to 25,000 | 25,000 to 1,00,000 | 1,00,000 to 5,00,000 |
| Backup Frequency | Every 5 Days | Every 3 Days | Daily3 |
| Resource Forest Trusts | N/A | 5 | 10 |
| Instances | |||
| User Forest4 | $0.15/hour/set | $0.40/hour/set | $1.60/hour/set |
| Resource Forest4 | N/A | $0.40/hour | $1.60/hour |
Our corporate values: Our values align to our mission, support our culture, and serve as a declaration of how we treat each other, our customers, and our partners.
We recognize that the thoughts, feelings, and backgrounds of others are as important as our own.
We are honest, ethical, and trustworthy.
We accept full responsibility for our decisions, actions, and results.
