First, you should know that Windows Server Active Directory wasn’t designed to manage web-based services.
Azure Active Directory, on the other hand, it was designed to support web-based services that use REST (REpresentational State Transfer) API interfaces for Office 365, Salesforce.com DropBox, and Google Apps etc. Unlike plain Active Directory, it uses completely different protocols (Goodbye, Kerberos, and NTLM) that work with these services–protocols such as SAML and OAuth 2.0. In a hybrid environment, it can also be integrated with existing on-prem resources to give organizations the manage access to cloud-based applications […]