Moving to the cloud

Active Directory

Active Directory (or AD for short) is another service ripe for moving to the cloud, as it removes the need for businesses to run expensive on-site hardware dedicated to AD, making it an attractive option due to the significant potential for financial savings.

What is Active Directory?

Active Directory has been around for a long time (since last century, in fact).

Developed by Microsoft as a means of managing the authentication and authorisation of users on a domain (your business network), AD began life as a subset of the Windows 2000 server, but has remained an ever-present in all Microsoft server environments, right up to and including Microsoft Server 2016.

The terminology has changed slightly, with the solution now being referred to as Active Directory Domain Services (AD DS), but its role is essentially the same.

AD stores information about each user on a network (their names, passwords, phone numbers, etcetera), as well as information about each network resource (workstations, peripherals and network devices).  Thanks to its extensive database, AD is able to provide the robust identification and authentication necessary to protect your network from intruders.


With cloud technology (specifically, Microsoft’s ‘Azure’ cloud environment), AD can now perform the same functionality it always did on your local network, but from a centralised cloud location.

Active directory has evolved considerably since its beginning back in 1999, with Microsoft’s Azure Active Directory now representing a finely tuned service, optimised for robust, scalable cloud performance.

With modern businesses having to contend with transient enterprise and non-enterprise devices (what if an employee decides to connect their Android phone to your network?), having your AD functionality in the cloud is often the most secure as well as the most cost effective choice.

In addition to the potential savings in on-site hardware costs, Azure AD is scalable by nature, so unlike an on-site AD server it grows with your organisation and can easily cope with increased demand, as time goes by and your personnel increases.


One of the many ways in which advancements in technology have affected the way we do business is by facilitating the rise of the remote worker.

Many modern employees are able to perform their jobs from outside the traditional office environment: in excess of 50% of workers in New Zealand work outside of their main office for at least part of their working week.

With Azure Active Directory, remote workers are quickly identified and authenticated on their devices, no matter where they connect from, enabling a more healthy work / life balance for your staff, whilst cutting down on unnecessary carbon emissions caused by excessive commuters.

If saving the planet isn’t sufficient motivation, remember that Azure AD also allows your workforce to connect instantly to the resources they need from absolutely anywhere with an internet connection (cafés; hotels; the gym; Barbados) whilst maintaining the security and assurance of your traditional on-site AD server.


As always, the answer is “it depends”.

The cost savings of moving to Azure Active Directory can be dramatic, so if it’s commercially and logistically viable, we would usually recommend it.

The main caveat to consider is whether your business has a stringent requirement for any functionality that isn’t yet available in Azure Active Directory.

Examples of questions we would seek to answer before making a concrete recommendation include:

  1. Is Microsoft Enterprise Mobility appropriate an affordable option, in order to ensure adequate security protection for mobile devices that might seek to join the Azure Active Directory?
  2. Does the business use any specific line-of-business software that use integrated Windows authentication services?  If so, will these line-of-business applications also move to the cloud, or be superceded by cloud-friendly alternative solutions?
  3. Does the business use client authentication certificates (only available through on-site AD solutions) for their wireless or VPN services?

At Ohnyx, we perform a thorough audit of our client’s existing infrastructure and assessment of their needs based on their goals and individual circumstances.  You can be confident that any recommendation we make to migrate Active Directory to the cloud will only come after much investigation and diligence on the part of your IT health provider.