During Google Next keynote yesterday, Google surprised everyone by announcing Managed Service for Microsoft Active Directory (AD). This new Google Cloud service will be running an actual Microsoft AD allowing enterprises to manage their cloud-based AD-dependent workloads, automate AD server maintenance and security configuration, and extend their on-premises AD setup to the cloud.
- An actual AD domain: Decrease compatibility issues using a service that runs real Microsoft Active Directory domain controllers on the latest Windows Server builds. Integrate with Cloud DNS to enable automatic domain discovery for VMs.
- Familiar features and tools: Enable your IT and security teams to use standard Active Directory features, such as Group Policy, and familiar administration tools, such as Remote Server Administration Tools (RSAT), to manage the domain.
- Highly available: Have more confidence in the availability of your domain controllers knowing that the service runs in a highly available configuration, similar to this topology, in multiple regions.
- Automatic patching: Give IT teams more time by allowing the service to automatically patch servers, take AD snapshots for recovery, monitor for issues, and replace domain controllers that fail.
- Hardened: Make Active Directory infrastructure less prone to misconfiguration, knowing that the service is hardened with secure configuration baselines and appropriate network firewall rules.
- Flexible deployment: Achieve a higher flexibility by being able to connect Managed Service for Microsoft AD with your existing on-premises domain or run the service as a standalone domain.
Managed Service for Microsoft AD will be available for free during the beta testing period. We are not sure how this new service will offer better identity solution than Microsoft’s own Azure AD.