Back

Understanding Active Directory - All Seven Types (Video)

In this Tech Talk Conrad Agramont Agile IT CEO discusses the seven types of Active Directory what to use them for and how they can be used togeth...

3 min read
Published on Mar 5, 2020
Understanding Active Directory - All Seven Types (Video)

In this Tech Talk, Conrad Agramont, Agile IT CEO, discusses the seven types of Active Directory, what to use them for, and how they can be used together to deliver solutions. Check out our earlier articles and tech talks on Active Directory:

Understanding Active Directory Licensing P1 and P2

Active Directory Health Checks  

The Shared Responsibility Model

ResponsibilityOn-PremIaaSPaaSSaaS
ApplicationsCustomerCustomerCustomerProvider
DataCustomerCustomerCustomerProvider
MiddlewareCustomerCustomerProviderProvider
NetworkingCustomerProviderProviderProvider
O/SCustomerCustomerProviderProvider
RuntimeCustomerCustomerProviderProvider
ServersCustomerProviderProviderProvider
StorageCustomerProviderProviderProvider
VirtualizationCustomerProviderProviderProvider

What is Active Directory?

Active Directory (AD), introduced in 1999 as part of Windows Server 2000, is a directory service based on Lightweight Directory Access Protocol (LDAP). AD is responsible for authenticating and authorizing all users and computers in a windows domain network.

  • People
    • Names
    • Numbers
    • Address
  • Services
    • Category
    • Names
    • Numbers
    • Address
    • Advertisement

The Types of Active Directories

There are technically 7 different types of Active Directory. Each of them are deployed in different way, places and for different purposes.

Active Directory TypeDeploymentModern?Purpose
Active Directory Federation Services (ADFS)ServerNoSingle Sign On (SSO) For Ad
Azure Active DirectoryCloudYesCloud Identity
Azure Active Directory Application ProxyCloudYesAzure AD enable legacy apps
Azure Active Directory ConnectServer-Sync AD and AAD
Azure Active Directory Connect Cloud ProvisioningServerYesSync AD and AAD (Limited)
Azure Active Directory Domain ServicesCloudYesCloud Hybrid Servers
Local AD (AD)ServerNoLocal Identity

Identity is Your Control Plane

Active Directory Control Plane

What is Local Active Directory (AD)

Purpose

  • Centralized administration for servers, workstations, users, and applications
  • Services (e.g. Exchange) can leverage for email services configuration

Deployment

  • Windows Server OS
  • Active Directory Domain Controllers

Limitations

  • Requires direct network connection
  • Reliance on customer managed networking: DNS, VPN, and Servers (Physical and Virtual)

What is Azure Active Directory (AAD)

Purpose

  • Centralized administration for cloud services
  • Services (e.g. Exchange) can leverage for email services configuration
  • Hybrid scenarios supported via Azure AD Connect connecting to local Active Directory
    • Use your corporate credentials/passwords

Deployment

  • Cloud Service

Limitations

  • Lack of IT protection without AAD P1 and P2 licensing
  • Device bases security requires EM+S licensing for Intune

What is Azure AD Connect Cloud Provisioning?

What is Azure Active Directory Domain Services (AADDS)

Purpose

  • Local Active Directory (Fully compatible with Windows Server Active Directory)
  • Lift and Shift scenarios for Windows servers
    • Use your corporate credentials/passwords
    • NTLM and Kerberos authentication
  • Co-mingle local Active Directory users and Azure Active Directory users

Deployment

  • Cloud Service (Two domain controllers are available by IP only)
  • Highly available domain
  • Auto-remediation
  • Automatic backups

Limitations

  • Organizational Units are flat and not brought over from local AD/AAD
  • Not recommended for workstations
  • Administrators are NOT Domain Admins (it’s also a good thing)

Synced Tenants

What is Azure AD Application Proxy

Azure AD Application Proxy

Purpose

  • Publish on-premises web apps externally in a simplified way without a DMZ
  • Support single sign-on (SSO) across devices, resources, and apps in the cloud and on-premises
  • Support multi-factor authentication for apps in the cloud and on-premises deployment

Deployment

  • Requires Azure AD basic or premium (P1 or P2) subscription
  • Support Authentication: Integrated Windows Authentication (IWA), Header-based, forms, password-based SAML

Limitations

  • Connector must be installed on Windows Server 2102 R2 or higher, Windows 8.1 or higher
  • The on-premises firewall must be enabled for outbound traffic from the connector

Up Next? Getting Rid of Your Local Active Directory

As more and more organizations move more and more of their operations to the cloud, Local Active Directories are becoming redundant, and sometimes challenging pieces of infrastructure.  Last year, Agile IT took the leap, and removed our own Local Active Directory, and since then, have helped dozens of companies do the same. Conrad will be discussing the dangers, challenges and benefits to removing your own local active directory in an upcoming Tech Talk.

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

MSP vs. In-House Support for CUI Data Management

MSP vs. In-House Support for CUI Data Management

Compare MSP vs. in-house support for CUI data management. Explore cost, expertise, compliance readiness, and which approach best protects sensitive government data.

Sep 18, 2025
8 min read
How to Plan an Effective Backup Strategy for Microsoft 365

How to Plan an Effective Backup Strategy for Microsoft 365

Learn how to plan and implement a backup strategy for Microsoft 365 that protects critical data in Exchange, SharePoint, Teams, and OneDrive against loss, ransomware, and compliance risks.

Sep 17, 2025
6 min read
GCC High Licensing and Validation Challenges

Common Challenges in GCC High Licensing and Validation

Uncover common challenges in Microsoft GCC High licensing and validation, including eligibility issues, documentation gaps, and partner approval hurdles.

Sep 16, 2025
7 min read
Microsoft GCC High Validation Steps Explained

Navigating the Microsoft GCC High Validation Steps

Explore the step-by-step process for Microsoft GCC High validation, including eligibility, documentation, and how to secure access for CMMC and DFARS compliance.

Sep 15, 2025
7 min read
GCC High Licensing Requirements for Small Businesses

GCC High Licensing Requirements for Small Businesses

Learn the licensing requirements for small businesses seeking Microsoft 365 GCC High, including minimum user counts, eligibility, and steps for purchasing secure cloud licenses.

Sep 12, 2025
7 min read
GCC vs. GCC High: CMMC Ain’t Just Some Box to Check

GCC vs. GCC High: CMMC Ain’t Just Some Box to Check

Think GCC is “close enough” for CMMC Level 2? Think again. We break down GCC vs. GCC High and why compliance isn’t just a licensing checkbox.

Sep 12, 2025
6 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation