An area of cloud that is critical for maintaining single sign on activities that businesses have been busy implementing for many years is a directory service; welcome to WAAD. Windows Azure Active Directory. One of the biggest obstacles to corporate customers joining Microsoft in the cloud was the lack of an identity management platform that could join cloud and on premise solutions.
There are three major parts of the Windows Azure Active Directory (WAAD) service:
1. A Web service to create, read, update and delete identity information in the cloud. Developers can also use the SSO abilities of WAAD to allow individuals to use the same identity credentials used by Office 365, Dynamics and Windows Intune.
2. The developer preview allows companies to synchronize their on-premises AD with WAAD and support identity federation too.
3. The recently released developer preview supports integration of WAAD with consumer identity networks like Facebook and Google, making for one less ID necessary to integrate identity information with apps and services.
Currently the version of WAAD is a developer edition and so not all functionality is known yet.
WAAD is hosted by Microsoft in its data centers and is used largely by Office 365, the vendor's cloud Office suite. Information about users, groups and services that are part of the Office 365 offering are stored in a cloud-based AD instance that lives as a tenant on Microsoft's services.
Microsoft says that in the future, you'll be able to bring up an instance of WAAD as part of your overall Azure subscription, but for now, Office 365 is the entry point.
Setting up your cloud tenant instance of Active Directory this way allows the users and groups to come straight from your on-premises directory. This happens the first time that you connect your on-premises ADFS2 instance up to WAAD using DirSync.
This is good move by Microsoft and gives plenty of scope for developing and migrating to the cloud. Things that we don't currently know are as follows:
How will Group Policy work across boundaries?
Where does Intune fit in the overall scheme of things?
Will Kerberos be supported?
What's your thoughts on this? We think it is a pretty smart move by Microsoft to help pave the way to their cloud service.
Need help with your cloud strategy then contact us to see how it can take shape.
No comments:
Post a Comment