News

Microsoft Azure AD Connect Making Gains

Microsoft's Active Directory synchronization tool known as "Azure AD Connect" has been seeing good adoption since its release in June, Microsoft said this week.

Azure AD Connect is Microsoft's attempt to simplify synchronization tasks via a wizard-like user interface. Six months after becoming commercially available, the product is now being used to "synchronize with more than 24k Azure AD tenants," according to Alex Simons, director of program management for Microsoft Identity Products and Services, in a blog post this week. He described it as Microsoft's "fastest growing solution" among Active Directory sync tools.

Microsoft has previously indicated that Azure AD Connect will be its leading synchronization tool going forward. Older solutions, such as the Azure AD Synchronization Tool (known as "DirSync") and the Azure AD Synchronization Services tool are subject to deprecation, meaning that Microsoft plans to stop developing them. However, past announcements from Microsoft haven't exactly specified when those two older tools will reach an unsupported state.

Possibly, Microsoft may be keeping the older tools around because they are still the best option in some cases, depending on the kind of synchronization tasks that an organization wants to carry out. Microsoft also released its Microsoft Identity Manager 2016 product back in August, which supplanted Forefront Identity Manager 2010 R2. Microsoft Identity Manager 2016 typically would be the choice to handle the most complex synchronization scenarios.

IT pros looking for guidance on precisely which Microsoft sync tool to use for which occasion can find a helpful comparison table of sync tool capabilities in this Microsoft Azure library article. At press time, though, it didn't show Microsoft Identity Manager 2016 synchronization management capabilities.

For some reason, Microsoft keeps moving this comparison table around, making it somewhat hard to find. It's an essential guide, though.

According Simons' data, the old DirSync tool is still widely used, accounting for 50 percent use among organizations with more than 500 Azure AD user accounts. The next most used tool was Azure AD Connect at 17 percent, followed by Azure AD Sync at 9 percent.

Microsoft also measured the use of third-party federation and identity tools. Those tools only accounted for about 4 percent use among the Azure AD authentications measured, per Simons' data. He suggested that organizations were content with Microsoft's free sync tools.

"We've designed Azure AD to be open and standards based so our customers can use a wide variety of third party options," Simons wrote. "However, the majority of customers find that our 'off the shelf' identity solutions meet their needs. Additionally, the data also shows that the level of simplicity we've delivered with Azure AD Connect is having a big impact."

One of the more surprising stats offered by Simons is that 45 percent of the Azure AD authentications were "cloud only." The survey found that 37 percent were using Active Directory Federation Services, a Windows Server federation technology, to authenticate with Azure AD.

As of last month, Microsoft claimed to have 8.24 million Azure AD tenants, with more than 550 million users.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured