Google Has a New Managed Active Directory Cloud Service
Earlier this week during its Google Next keynote, Google announced its new Managed Service for Microsoft Active Directory (AD). Similar to Microsoft’s Azure Active Directory Domain Services, Google’s new service lets organizations deploy Active Directory in the cloud without installing and managing domain controllers in virtual machines (VMs). This allows companies to shift legacy applications easily to the cloud, reducing costs and delivery time.
But moving legacy apps to the cloud isn’t the only use case. Many new cloud-first apps also rely on Active Directory because it is so widely deployed in enterprises. Although, clearly Microsoft would rather you use Azure Active Directory (AD) instead of Windows Server Active Directory as the primary authentication mechanism for cloud-first applications.
Managed Service for Microsoft Active Directory
Google says that Managed Service for Microsoft Active Directory (MS for MAD) is “a highly available, hardened Google Cloud service running actual Microsoft AD that enables you to manage your cloud-based AD-dependent workloads, automate AD server maintenance and security configuration, and extend your on-premises AD domain to the cloud.”
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
Google seems keen to point out that what you get is ‘actual Microsoft AD’, and I’m guessing that is an attempt to differentiate the service from Azure Active Directory, which in fact is not based on Windows Server Active Directory despite having some overlapping features. Although you can complement AAD with Azure Active Directory Domain Services to get many of the features available in Windows Server Active Directory.
Other benefits include the ability to use standard AD administration tools, like the Remote Server Administration Tools (RSAT), and ‘virtually’ free maintenance, as Google will take responsibility for availability, patching, security baselines, and network protection. Domains will be configured with high availability across multiple regions. Google says that MS for MAD can be connected to existing on-premise Windows Server Active Directory domains or run as a standalone service.
For more information on Remote Server Administration Tools, see How to Install the Remote Server Administration Tools in Windows 10 on Petri. For more details on Azure Active Directory, check out What is Azure Active Directory? on Petri.
Google Cloud Plays Catchup
Google Cloud is trailing behind Amazon AWS and Microsoft Azure, and this new service helps put Google Cloud on more of a level footing with Azure and Amazon in the identity department, both of which offer managed directory services based on Active Directory.
MS for MAD will be free during the testing period and you can get more details about it on Google’s website here.