There's actually a number of products under the Azure AD name, including:
* Azure AD, their employee/workforce solution. It's a directory, authentication and authorization system. Think Okta or AWS SSO. I imagine this is mostly what the survey was tracking.
* Azure AD B2C, their CIAM solution. Think Auth0, Cognito or FusionAuth (disclosure, I'm a FusionAuth employee).
* Azure AD EI, external identity management (users outside your org).
* Azure AD DS, domain services (older Windows focused services). This subsumes a lot of what Active Directory provided.
honestly though, Azure's naming strategies do exactly what they say. AWS uses names that are adjacent or completely random (fargate?). i don't even think cognito is a word in english language[0]
Authorization and authentication. Like it or not Microsoft Active Ditectory or Azure AD (basically the cloud version) works with everything and it’s kinda the only single-signon/shared login solution for enterprises. You can build something yourself with LDAP, Kerberos and maybe Keycloak, but why bother when you more or less need AD for Windows and Exchange anyway.
For juniors: Enterprises and even small startups need to comply with their industry’s security certification (PCI, ISO, whatever) which requires traceability of logins (and central revocation when employees quit and provably complex passwords and inability to retry 100 times, etc.)
We use Okta, currently with on-prem AD, but are whittling away at the use cases for the latter and hope to be AD-free once we solve for RADIUS (suggestions welcome :)
Well if you're familiar with Google Workspace.. you know once you've got email accounts in there then there's a whole lot of user admin you can do?
Azure AD is just Microsoft's version of that directory. The thing is if you use for example Exchange Online, or even just like Microsoft Office licensing, you've now got Azure AD where the users have accounts. Then I see businesses spend a fortune to integrate Okta or similar products that don't actually add anything given how feature full Azure AD is at this point.
It does a lot of things, but broadly the thing people know it most for is handling roles, permissions and groups for your organization. It’s often the source of truth for things like access and provisioning. Pretty core part of the organization.
Active Directory is Microsoft's LDAP[1] server offering. Eventually it got more features and is used by firms to enforce company wide (or group wide) rules like "Every computer must lock after 5min of inactivity" or "Adobe Acrobat must be installed in all computers".
Azure Active Directory is the cloud version of Active Diretory. It has some extra features compared to on prem AD (MFA, SSO with 3rd paty apps...) but the whole endpoint management part was moved to another product (Microsoft Endpoint Manager).
The reason so many companies have an AAD tenant is it is set up automatically when you configure Microsoft 365.
on-prem AD has SSO, it's called Active Directory Federation Services. Compared to Azure AD, the on-prem Federation Services has more features. To give one example, Azure AD does SAML, but it's not full compliant. We ran into an issue with at my last employer when a partner moved from AD-FS to Azure Active directory and broke the SAML integration. It required us to go back and re-do the federation model from scratch.
There's actually a number of products under the Azure AD name, including:
* Azure AD, their employee/workforce solution. It's a directory, authentication and authorization system. Think Okta or AWS SSO. I imagine this is mostly what the survey was tracking.
* Azure AD B2C, their CIAM solution. Think Auth0, Cognito or FusionAuth (disclosure, I'm a FusionAuth employee).
* Azure AD EI, external identity management (users outside your org).
* Azure AD DS, domain services (older Windows focused services). This subsumes a lot of what Active Directory provided.
And they say AWS has a hard time with naming :).
You can learn more about each of these here: https://azure.microsoft.com/en-us/products/active-directory/ (click on the "AAD" dropdown).