Active Directory and Entra ID — order in identities, access rights and devices.
We deploy on-premise Active Directory and cloud-based Entra ID (Azure AD). Central user management, GPO, SSO, Conditional Access. For companies with 10 to 200 workstations — one source of truth for identities.
Why businesses need a central directory?
Without Active Directory / Entra ID every account, password and permission lives its own life.
ACCOUNT CHAOS
Every system has a separate account. An employee leaves — nobody knows how many tools they can access. Password resets require emailing the admin.
NO SSO
Users log in separately to M365, VPN, Wi-Fi, CRM. Multiple passwords = weak passwords. No Single Sign-On increases phishing risk.
NO GPO / POLICIES
Computers configured manually. No password policies, screen lock, disk encryption. Every workstation looks different.
CLOUD MIGRATION
The company grows and on-premise AD is no longer enough. Hybrid device join, Entra ID, Intune — but how to bridge the old world with the new?
4 steps to a central directory.
AUDIT
Assessment of current state: local accounts, cloud accounts, hardware, integrations. Requirements mapping: GPO, SSO, MFA, Conditional Access policies.
ARCHITECTURE
Directory design: on-premise AD, Entra ID or hybrid model. OU structure, groups, policies. Entra ID P1/P2 licensing plan.
DEPLOYMENT
AD controller deployment or Entra ID configuration. Device join, GPO, SSO, MFA, Conditional Access policies. Integration with M365/Google Workspace.
KNOWLEDGE TRANSFER
Administrator training. Operational documentation, runbooks. Optionally: ongoing directory management under subscription.
Directory technologies we deploy.
Active Directory
- Domain Controller (DC) on Windows Server
- OU structure, users, groups
- Group Policy (GPO) — workstation policies
- DHCP, DNS integrated with AD
- Multi-site replication
Entra ID (Azure AD)
- Entra ID Free / P1 / P2
- SSO for SaaS applications
- Conditional Access policies
- MFA (Multi-Factor Authentication)
- Privileged Identity Management (PIM)
Hybrid join and synchronisation
- Entra Connect (Azure AD Connect)
- Hybrid Azure AD Join
- Password Hash Sync / Pass-through Authentication
- Seamless SSO
- Device writeback
Three scenarios we handle most often.
AD / Entra ID from scratch
Your company is growing and needs a central directory. We design, deploy, join devices, configure GPO and SSO.
DESCRIBE YOUR COMPANY →From on-premise AD to Entra ID
Moving away from servers and want cloud-based identity management. We migrate accounts, configure SSO, Conditional Access policies and Intune.
DESCRIBE YOUR MIGRATION →Taking over an existing AD
You have AD but nobody maintains it. We audit, clean up OU/GPO, fix replication, document and take over operations.
DESCRIBE YOUR ENVIRONMENT →Frequently asked questions about Active Directory
Not always. Entra ID (Azure AD) runs fully in the cloud — no servers needed. For companies that require GPO at the workstation level, we recommend hybrid or on-prem AD.
Active Directory (on-premise) manages computers on the local network (GPO, LDAP, Kerberos). Entra ID (cloud) manages identities in SaaS (SSO, Conditional Access, MFA). A hybrid model combines both worlds.
AD / Entra ID deployment: from €1,200 depending on the number of workstations, network complexity and GPO/SSO requirements. Full pricing →
Yes. Entra ID is natively integrated with M365. Google Workspace integrates via SAML SSO or Google Cloud Directory Sync (GCDS). We configure both paths.
Yes. Under our IT subscription we manage AD/Entra ID on an ongoing basis: onboarding/offboarding, GPO, replication monitoring, security review. Subscription details →
Related services
Tell us about your infrastructure — we will design your directory.
How many workstations do you have? Do you already have AD? Which SaaS apps do you use? Write to us — we will prepare a deployment plan.
DESCRIBE YOUR NEEDS →