Active Directory / Azure AD (Entra ID)

Active Directory (AD) is a directory service by Microsoft that enables the centralized management of users, devices, and access rights within an IT infrastructure. With its expansion into the cloud, Active Directory was extended to include Azure Active Directory, which has operated under the name Microsoft Entra ID since 2023. Together, both services form the foundation for identity and access management in modern enterprise environments.

The central mechanism of Active Directory and Entra ID is the unified management of identities and access rights. Administrators can create user accounts, define groups, and assign granular permissions that determine which resources a user or device is permitted to use. In hybrid environments where on-premises servers and cloud services are operated in parallel, synchronization between Active Directory and Entra ID ensures consistent rights management across all systems.

Active Directory has been standard infrastructure in medium-sized companies and public authorities for decades. A school authority can use Entra ID to centrally manage all teachers and students, automatically assign devices to the correct user groups, and precisely control access to learning platforms or internal systems. In organizations with multiple locations, Entra ID also enables the secure integration of home office devices without complex VPN configurations.

A key advantage of integrating Active Directory and Entra ID is the foundation it provides for Single Sign-On and Multi-Factor Authentication. Users log in once and automatically gain access to all approved services and applications without having to authenticate multiple times. At the same time, security policies such as Conditional Access can be enforced centrally, dynamically controlling access based on device status, location, or risk level.

Combining Active Directory or Entra ID with a central device management solution creates a powerful foundation for automatically assigning devices to the correct user groups upon enrollment and applying policies based on directory groups.