Enterprise Active Directory (EAD) is one of the core components of UBC's Identity and Access Management (IAM) Program. EAD provides centralized authentication and access control for Microsoft Windows-based services across campus such as H:/Drive, and FASMail on premises.
EAD synchronizes with Microsoft Entra ID (formerly Azure AD) to enable seamless access to Microsoft 365 services such as FASMail Exchange Online, as well as UBC's Hybrid Cloud Service.
Since 2010, departments have increasingly consolidated their Active Directory infrastructures by migrating to the Enterprise Active Directory (EAD) service. This centralization of directory services offers substantial benefits:
- Identity Lifecycle Management: Automated systems manage the complete account lifecycle, from creation to deactivation, based on authoritative system records and compliance requirements. This ensures timely access to enterprise services when users join and automatic removal of access privileges when they depart, reducing security risks and maintaining service license compliance
- Enhanced Security and Compliance: Centralized security policies, automated access reviews, and unified audit logging strengthen the organization's security posture and simplify compliance reporting
- Streamlined Authentication: Single Sign-On (SSO) capabilities allow users to access multiple systems with one set of credentials, reducing password fatigue and help desk calls
- Simplified IT Administration: Consolidates identity management tasks into a single platform, significantly reducing administrative overhead and improving operational efficiency
- Business Continuity: Offers continuous service availability through redundant infrastructure across multiple geographical locations, comprehensive disaster recovery capabilities, and optimized performance that scales with organizational demands
- Modern Identity Infrastructure: Enables hybrid identity scenarios, supporting both on-premises and cloud services through seamless integration with EntraID/AzureAD and other cloud platforms
- Cost Optimization: Reduces infrastructure costs through shared resources, consolidated licensing, and decreased support requirements
- Identity Intelligence: Enables advanced analytics and reporting on access patterns, security events, and compliance metrics across the enterprise
- Scalable Architecture: Supports organizational growth and change through a flexible, enterprise-grade directory infrastructure
- Standardized Directory Services: Delivers unified directory services where standardization enables seamless resource sharing, simplified troubleshooting, and predictable system behavior across all organizational units. IT teams can efficiently implement and maintain security baselines, software deployment strategies, and configuration settings through centralized policy management