If you've ever heard of Azure prior to this lecture, it is likely you've heard it alongside the words Active Directory. But what is an Active Directory?

According to Microsoft, an Active Directory is a set of directory services developed by Microsoft as part of Windows 2000 for on-premises domain-based networks. But that definition doesn't really explain much, so let's use an example like Active Directory Domain Services to elaborate. Often abbreviated to AD DS. Active Directory Domain Services stores information about members of the domain. This includes things like devices, users, user credentials alongside their permissions, and access rights. If you've ever tried to log into a company's resource and been asked to log in, you have likely been logging into your company's Active Directory. Now, AD DS is a tool to manage on-premises infrastructure. 

This means that it does not manage or support things like SAAS applications, mobile devices, or anything that requires the modern authentication we discussed in the past lectures. This is where Azure Active Directory comes into play. Azure Active Directory also referred to as Azure AD is a cloud-based identity and access management service. It provides a single identity for cloud applications and enables additional features like mobile device management. When trying to remember the differences between Active Directory Domain Services and Azure Active Directory, just fall back to your knowledge of Azure. Active Directory Domain Services is unique to on-premises services while Azure Active Directory is meant for the cloud. That being said, there can be some overlap as Azure AD does allow for a more hybrid environment setup with Azure AD Connect, but generally speaking, if you see the word Azure, think cloud.