Microsoft's Windows Azure Active Directory plans take shape

This year should be a big one for Microsoft's Windows Azure Active Directory cloud service, yet another piece of its hybrid public/private cloud puzzle.
Written by Mary Jo Foley, Senior Contributing Editor

In the coming months, Windows users and partners are going to be hearing a lot more about Windows Azure Active Directory, the "conceptual equivalent" of Microsoft's Active Directory directory service in Windows Server.

I only recently learned about the Windows Azure Active Directory -- or WAAD (ugh!) -- name via a December post I found on Dominik's Cloud Security Blog. But the Softies have been dropping hints about plans to step up rights and management policies using Active Directory on the cloud side of the house, too, since last November.

Sessions about WAAD are on the docket for Microsoft's upcoming TechEd conferences in June. Before that, Microsoft is planning to make some WAAD-related capabilities available to its Windows Azure cloud customers, according to a Microsoft cloud roadmap I saw earlier this year.

Microsoft is expected to tout the synergies of on-premises Active Directory and WAAD across several fronts, according to that roadmap document. Users will be able to maintain secure access to their apps in the cloud using their existing Active Directory set-ups. They'll be able to migrate apps that depend on Active Directory to the Azure cloud "without making any changes."

Office 365 enterprise users already can use their on-premises Active Directory to implement single sign-on. As it currently stands, "the administrator, and your users will need to maintain separate user names and passwords for your online and on-premises accounts," and requires both Active Directory Federation Services (ADFS) 2.0 and the Active Directory sync service. Based on the aforementioned cloud roadmap, it sounds like Microsoft may be adding more Active Directory single sign-on capabilities and features to Office 365 some time this spring.


A Microsoft Web page on WAAD calls WAAD a multi-tenant cloud service. From that page:

"Windows Azure Active Directory is a cloud service that provides identity and access capabilities for applications on Windows Azure and Microsoft Office 365. Windows Azure Active Directory is the multi-tenant cloud service on which Microsoft Office 365 relies on for its identity infrastructure.

"Windows Azure Active Directory utilizes the enterprise-grade quality and proven capabilities of Active Directory, so you can bring your applications to the cloud easily. You can enable single sign-on, security enhanced applications, and simple interoperability with existing Active Directory deployments using Access Control Service (ACS), a feature of Windows Azure Active Directory."

Microsoft announced last year the availability of ACS 2.0, which added new federation capabilities for Web sites and services. The latest update to the Azure Service Bus includes built-in support for ACS 2.0.

Update: I'm not entirely sure if WAAD is just a new name/new positioning for ACS or if it actually is something more. I'll try asking Microsoft to see if I can get clarity. If so, I'll update this post.

Update No. 2: A Microsoft spokesperson said ACS is just one feature of WAAD.

In other Microsoft cloud news, Microsoft announced plans to drop SQL Azure pricing (again) this week, effective immediately. The reduced pricing is aimed at customers with databases bigger than 1 GB in size who need to scale. Microsoft also added a new 100 MB database plan to its SQL Azure line-up this week.
