Amazon Offers 'Feature-Rich' Active Directory As A Service

Windows 10, New Devices, Exec Shakeup: Microsoft's 2015

Amazon Web Services recently introduced AWS Directory Service for Microsoft Active Directory, Enterprise Edition, as another step toward making it easier for enterprises to use the cloud with a familiar directory that is readily available to them.

AWS also recently announced another enterprise-oriented move, one that it has resisted until now: Single-customer dedicated servers for those enterprise workloads deemed too sensitive or too compliance-oriented to run in a multi-tenant public cloud setting.

AWS is augmenting its appeal to the enterprise as Microsoft takes advantage of its own already large presence inside the enterprise data center. As the author of Active Directory, Microsoft knows how to appeal to its users to attract them to the Azure Cloud and offers Azure AD Connect as a way to coordinate Active Directory on-premises with cloud operations.

In postings Dec. 3 and 4, AWS said it was offering Active Directory in an enterprise-oriented, feature-rich form.

Its enterprise edition is a service in the AWS EC2 cloud available to all customers as a managed service. That is, instead of the usual self-service that a customer must follow with his or her own workloads, Directory Service for Microsoft Active Directory, Enterprise Edition, is managed by the operations staff of AWS. The service guarantees that the sophisticated replication functions and access permissions managed by Active Directory will be offered at high availability.

If you select the Active Directory managed service, AWS will launch two domain controllers each in a separate availability zone of a designated region, giving the system a redundant capability, according to documentation posted by Amazon. The service is connected to a customer's virtual private cloud inside Amazon, helping keep that cloud functioning as "highly available" infrastructure.

"Host monitoring and recovery, data replication, snapshots, and software updates are automatically configured and managed for you," according to the Dec. 3 announcement.

AWS has previously included an ability to use a customer's Active Directory on-premises with its Directory Service in the cloud, but the latest offering opens more options for enterprises that depend strongly on its services.

With Active Directory as a managed service, a customer can run "directory-aware" workloads in the AWS cloud, such as Microsoft SharePoint, Office 365, or custom .Net and SQL Server applications.

"You can also configure a trust relationship between Microsoft Active Directory in the AWS cloud and your existing on-premises Microsoft Active Directory, providing users and groups with access to resources in either domain," according to Amazon. Customers could also do so using single sign-on, Amazon noted.

AWS already offers Simple Active Directory as a service in the cloud as its least expensive form of Active Directory service. It also offers what it calls Active Directory Connector to tie an on-premises directory into the AWS Active Directory service.

Microsoft stepped up its own discussion of Azure Active Directory and Azure AD Connect on Dec. 2, the day before the Amazon announcement.

[Read more: ]

Third parties offering products on top of Azure, such as the software unit of Dell, also understand the growing need for better Active Directory integration with cloud workloads. Dell produces Recovery Manager for Active Directory, which can detect changes made in an Active Directory system and recovery them, if necessary. Recovery Manager now works in a hybrid cloud setting where Active Directory is being used both on-premises and in the Azure cloud.

IWK 2016 Elite 100 deadline copy - 12/10/15 and after

**Elite 100 2016: DEADLINE EXTENDED TO JAN. 18, 2016** There's still time to be a part of the prestigious InformationWeek Elite 100! Submit your company's application by Jan. 18, 2016. You'll find instructions and a submission form here: InformationWeek's Elite 100 2016.