Faced with the deprecated AD module, let us look at the possible options for your Sitecore Identity Management when upgrading to Sitecore version 9.3 or 10.
1. Do not use on-premises Active Directory?
If you choose to stop using on-premises AD with your Sitecore instance, THEN:
- You will need to upgrade from 8.2 to 9.3 or version 10 using the Sitecore-provided Security Database Scripts
- You will then need to use the default Sitecore Identity provider for Sitecore local users
- This option means you will keep all existing CMS users after the upgrade
- There will be no more on-premises AD sync needed
- Your upgraded Sitecore Security Database is now your single source of truth for Identity Management
2. Keep on-premises Active Directory?
If you choose to keep your on-premises AD with your Sitecore instance, THEN you will need to make it work with the latest Sitecore 9.3 or 10. To achieve this:
- You will need to do a vanilla 9.3 or 10 setup, no Sitecore Security DB upgrade is necessary in this case
- Use a custom ADFS Sitecore Identity Host plugin. I will show a demo for this later in this session.
- Now we have your on-premises AD working with Sitecore Identity, so your on-premises AD users can access your Sitecore instance
- No on-premises AD sync is needed as we are using Sitecore Identity
- On-premises AD is now your single source of truth for Identity management
3. Switch to Azure Active Directory?
Depending on your cloud transformation strategy, this is probably what you should be considering at some point.
We have a couple of options here, such as using Azure AD Connect or Azure AD Connect Health, to help with the transformation. I will also recommend working with your digital transformation partner to explore further options.
If you choose to switch to Azure AD instead, THEN:
- You will need to do a vanilla 9.3 or 10 setup as we did in the previous option, no Sitecore Security DB upgrade is necessary
- Use the Azure AD Sitecore Identity Plugin that ships out of the box with Sitecore
- Now your Azure AD users can access your Sitecore instance
- No Azure AD sync is needed as we are using Sitecore Identity
- Azure AD is now your single source of truth for Identity management
Sitecore Identity Server is your answer going forward!