Microsoft adds Custom Attributes to Entra Domain Services, boosting legacy app support in the cloud.
Microsoft has officially rolled out support for Custom Attributes in Entra Domain Services. This new feature lets administrators use custom attributes in managed domains, which benefits legacy applications that depend on those attributes.
Microsoft Entra Domain Services is a cloud-based service that offers managed domain services such as group policy, domain join, LDAP, and Kerberos/NTLM authentication without the need to deploy, manage, or patch domain controllers in the cloud. It integrates seamlessly with Azure Active Directory, which allows organizations to extend their on-premises identity infrastructure to Azure. This capability enables legacy apps and services to work in a cloud environment without modification.
According to Microsoft, many organizations rely on legacy apps that can’t be easily updated or modified due to complexity, cost, or compatibility concerns. These apps may depend on custom directory attributes (such as a unique employee ID) accessed via LDAP queries. Azure Active Directory uses features such as Directory Extensions and onPremisesExtensionAttributes to store such extended user and application attributes.
Previously, these extended attributes were not synchronized with Azure AD Domain Services, which limited the functionality of legacy apps that rely on them in cloud-based environments. Microsoft says that this new feature allows Azure AD Domain Services to synchronize custom and extended attributes from Azure AD. It enables organizations to migrate legacy apps that previously couldn’t function without these specific attributes.
Microsoft’s decision to enable the synchronization of custom attributes from Microsoft Entra ID to Azure AD Domain Services makes cloud adoption easier for organizations. It allows customers to migrate legacy applications to Azure without code changes, which reduces the risk and effort involved in modernization.
Moreover, these custom attributes are often important for defining access controls, organizing directory objects, and storing key business data. This integration allows organizations to fully utilize Microsoft Entra ID’s cloud capabilities while maintaining the functionality required for running legacy apps.