You may or may not know that Windows Azure Infrastructure as a Service (IaaS) – officially called Windows Azure Infrastructure Services – is now live and available. Microsoft announced the General Availability (GA) today, here.
Microsoft have a knowledgebase article that lists what Microsoft products are officially supported running on Windows Azure Virtual Machines – kb2721672: Microsoft server software support for Windows Azure Virtual Machines – and both Active Directory Federation Services (AD FS), running on Windows Server 2008 R2 or later, and Forefront Identity Manager (FIM) 2010 R2 Service Pack 1 (SP1) are now supported on Azure IaaS VMs.
Some more info.:
- SQL Azure won’t work as a database backend for FIM and a remote SQL VM has not been, and will not be, tested – you need to use an on-box SQL instance.
- Not all workloads make sense running in IaaS. Smaller workloads, probably FIM SYNC only, and DIRSYNC or multi-forest DIRSYNC using FIM and the Azure Active Directory (AAD) connector are probably going to make up the bulk of users.
- You really need to consider having a DC running in IaaS too. This will probably be recommended by Microsoft in the future.
- You really need to look at the cost benefit of hosting FIM in the cloud. There’s a bunch of costs that need to be considered – the cost of the VM, the processor usage, the storage, the network traffic and the VPN tunnel.
- Lastly, support is via CSS FIM resources and not Azure support.