Active Directory is Not Dead, Desktop Directory Management Should be

Active Directory is Not Dead

If you google “Active Directory is dead” you’ll find self-serving articles by leaders of companies who claim Active Directory is dead or dying. These articles are self-serving in that their businesses have an interest in trying to convince people to replace Active Directory to make money. In my experience, opinions that speak in these 100% black-and-white terms should always encourage one to “follow the money”!

The reality is that, at the ground level, Active Directory and other on-premises directory technologies are alive and well. Active Directory and systems like it still add value. People recognize that they don’t need to be replaced by the cloud, but instead can be enhanced by it. Even if you want to move everything to the cloud, someone somewhere must be the “system of record”, the system that contains the master data. The companies that claim that directory technologies are dead want you to pay them to be the master of your data. This is potentially a lose-lose. Your most important data is now outside of your firewall (how can this be better for security?), and you’re now paying someone else an ongoing fee to “host” it.

The cloud can work well with Active Directory. This is the nature of SSO technologies, web services, etc.—they are interoperable with other systems such as Active Directory.

… but Perhaps Desktop Directory Management Should be

What we think should be dead is direct data entry into operating system tools such as “Active Directory Users and Computers”. Even worse is giving that access to other people who have no business remoting into your servers. Writing ad-hoc scripts to import data or make bulk updates and changes should go away. Deprovisioning without sound delegation or processes, which can leave your systems vulnerable when people leave your school or company, can safely die. Skilled IT professionals taking on the mundane data-entry burden should stop too.

The beauty of web- and service-enabling directory management is that you can keep all of the benefits of your on-premises directory technologies, with the added benefit of safe, controlled, audited web-based management under your control.