Azure AD Domain Services vs Self-managed AD DS
Azure AD Domain Services enables you to deploy your workloads in Azure Infrastructure Services, without having to worry about maintaining your identity infrastructure.
Comparison of Azure AD Domain Services to DIY AD domain in Azure:
Comparison of Azure AD Domain Services to DIY AD domain in Azure:
| Feature | Azure AD Domain Services | Self-managed AD DS |
|---|---|---|
| Managed service | ✓ | ✕ |
| Secure deployments | ✓ | Administrator needs to secure the deployment. |
| DNS server | ✓ (managed service) | ✓ |
| Domain or Enterprise administrator privileges | ✕ | ✓ |
| Domain join | ✓ | ✓ |
| Domain authentication using NTLM and Kerberos | ✓ | ✓ |
| Custom OU structure | ✓ | ✓ |
| Schema extensions | ✕ | ✓ |
| AD domain/forest trusts | ✓ (one-way outbound forest trusts only) | ✓ |
| LDAP read | ✓ | ✓ |
| Secure LDAP (LDAPS) | ✓ | ✓ |
| LDAP write | ✓ (within the managed domain) | ✓ |
| Group Policy | ✓ | Full |
| Geo-distributed deployments | ✕ | ✓ |
Comments
Post a Comment