| WINDOWS SERVER AD | AZURE ACTIVE DIRECTORY |
|---|---|
| Windows AD offers 5 core services: ADCS, ADRMS, ADFS, ADDS, ADLDS. | Azure AD provides only one solution: "Identity management throughout the internet". |
| Designed to operate in a corporate network where companies have full control over the topology. Services are exposed through various protocols such as LDAP, Kerberos, DNS, AD replication, etc. | Communication is over HTTP or HTTPS, and the supported authentication protocols are OAuth, WS-Federation, and SAML-P. |
| Operations are performed on, and information is retrieved from, AD through LDAP queries. | Azure AD provides the Graph API, which is a REST API. |
| Device management is limited to corporate assets. | HTTP and HTTPS enable support for any device that can talk over HTTP(S), hence enabling a true Bring Your Own Device (BYOD) scenario. |
| Can't be integrated with enterprise-ready SaaS applications. | The nature of Azure AD enables integration with enterprise-grade SaaS applications such as Salesforce, Facebook at Work, Dropbox and so on. |
| You have access to the underlying domain controller, as this is an infrastructure offering. | No access to the underlying servers, as this is a PaaS offering and communication happens using internet-facing endpoints. |