Information Technology Navigator

Tips, Advice & Insights from Technology Pros

Make “Identity Utopia” a Reality in Active Directory

Posted by Steve Caprio

Fri, Mar 24, 2017

When making a decision to move production workloads to the cloud, one of the first things that is considered is cost. However, there are frequently many hidden costs that are not factored into the cloud decision until they appear in the real world. For instance, what is the cost to end users’ productivity if they don’t have the correct access to the application or system that now resides in the cloud? What new burdens are placed on the IT team if end users, now managing identities in two places, constantly require assistance to access their work? What costs are associated with securely authenticating end users to the workload?

These costs have a common thread – identity management. To keep them in check, there is a great need for seamless cross-premises identity management and strategic thinking around security and functionality. With Azure Active Directory (AD) and the AD Connect tool, IT organizations can seamlessly synchronize their on-premises Active Directory with Microsoft Azure. Azure AD is the underpinning of managing identity across Microsoft solutions but also integrates with hundreds of SaaS applications commonly used by today’s enterprise. These integrations enable the identities of end users on-premises to carry the same information, security, access, etc. with them while utilizing cloud applications and workloads. The benefit of this cross-premises setup to IT is that there is a simple and auditable mechanism in place to provide, track, and manage access and security across applications both on-premises and in the cloud. From IT’s perspective, it might just be “Identity Utopia!”

But like anything worthwhile, it’s not always easy to get there. The difficulty of establishing this “Identity Utopia” is directly related to the volume of moving parts in a typical environment. In fact, in many cases Active Directory may not be in a condition ready for cross-premises synchronization. A lot of hard work needs to occur in this area before any realistic hope of achieving identity “bliss” is possible.

Fortunately, Daymark can help. We have deep experience architecting and deploying Active Directory on-premises and in the cloud, as witnessed by our Microsoft Gold Competency for Cloud Platform and significant success in a wide range of Azure deployments. Daymark can perform an Active Directory assessment, breaking down what needs to be addressed ahead of synchronization and key challenges an organization may face based on their unique scenario. Furthermore, Daymark can assist with the post-synchronization configuration of security and integration of desired applications. If “Identity Utopia” sounds good to you, contact us to get started.