Rethink Active Directory
How did Active Directory establish its foothold?
For decades, Microsoft’s Active Directory (AD) has been included “free” with Windows Server and Microsoft Exchange, creating legacy lock-in. Over the years, AD’s tentacles grew as it became deeply embedded in most companies’ IT infrastructures. Because it was easy to integrate with, join to, and build applications and processes around, that's what companies did — until AD became the default platform in ~95% of organizations. However, it’s become a legacy utility that creates more headaches than benefits for IT managers.
Microsoft originally built AD to compete with the previous directory services leader, Novell, and offer IT departments a central way to manage their organization’s users and devices. Back then, IT was typically supporting a single Windows PC for each person in their organization. This device directory connected users with on-premises applications like Microsoft Exchange and Office on their individual computers, as well as with other types of machines like printers and servers. IT departments eventually built logic in AD to enforce device-specific security policies such as password reset requirements.
Along with these capabilities, AD brought several frustrations for IT. Administrators struggled to maintain brittle integrations as their IT ecosystems evolved, and didn’t appreciate the extra hardware, software and people resources AD required. What’s more, since it was never intended to function outside a corporate network, or with non-Microsoft apps and devices, AD has done a poor job adapting to modern challenges. AD is still useful for on-premises challenges, but its inherent limitations are holding IT back from focusing on innovation. Meanwhile, Microsoft is economically incentivized to keep customers on AD as long as possible, or else risk taking a hit to its operating system and application revenue.
Although AD may never disappear from the landscape completely, IT departments now have alternatives. Today there are paths toward retiring AD, or at least reducing its role in the infrastructure. The benefits of minimizing IT’s reliance on A