Like most directory services, Azure Active Directory stores information about users and the organizations they belong to. It lets users log in, then supplies them with tokens they can present to applications to prove their identity. It also allows synchronizing user information with Windows Server Active Directory running on premises in your local network. While the mechanisms and data formats used by Azure Active Directory aren’t identical to those used in Windows Server Active Directory, the functions it performs are quite similar.
Understanding Azure Active Directory
It’s important to understand that Azure Active Directory is designed primarily for, and used by, cloud applications. It can be used by applications running on Azure, for example, or on other cloud platforms. It’s also used by Microsoft’s own cloud applications, such as those in Office 365. If you want to extend your data center into the cloud using Azure Virtual Machines and Azure Virtual Network, however, Azure Active Directory isn’t the right choice. Instead, you’ll want to run Windows Server Active Directory in Virtual Machines.