Implications of removing AD

Active Directory is interwoven into the fabric of the majority of networks, from small to very large. As a directory service, AD allows for centralized control of many network-based resources like file shares, email, databases, printing, etc.

Many network services themselves (unbeknownst to the user) depend on it, like DNS, DHCP and many others. The simple logon to a Windows domain from a user’s computer opens up access to many centrally administered resources without requiring the user to log in to each of those services and resources separately.

From an IT perspective this means maintaining one directory service, rather than setting up user access for each service or resource separately. In addition, many 3rd-party software solutions have AD integration, either via a sync or some other form of importing existing AD users.

While we had started to move our apps into the public cloud in 2010 and our productivity and core resources are by now all cloud-based, Active Directory still affects some of the aforementioned services like DNS, WiFi authentication, virtual server infrastructure, printing and some others.

And here lies one of the possible unforeseen troubles lurking around the corner when removing AD: forgetting one of those services and having to deal with the consequences.

These AD-dependent resources and services are different for every network. In our case they are:

  • DNS
  • Okta AD agent servers
  • Print management for PCs
  • PaperCut Print cost tracking
  • Copier access
  • CA and certificate-dependent services
    • RADIUS for WiFi authentication
  • AADC – Azure Active Directory Connector for Office 365 user access management
  • GPO – Group Policies
    • Centralized Windows updates
    • Anti-malware installation push-out
  • Remaining virtual server infrastructure
  • Remote access via VPN for IT maintenance purposes

For you this list might be much longer, and an Active Directory removal might be out of the question, especially if core and productivity resources like an on-premise email server, file shares and/or database services depend on it.