Managed Service for Microsoft Active DirectoryBeta

Use a highly available, hardened service running actual Microsoft® Active Directory (AD).

View documentation for this product



Managed Service for Microsoft Active Directory (AD) is a highly available, hardened Google Cloud service running actual Microsoft AD that enables you to manage your cloud-based AD-dependent workloads, automate AD server maintenance and security configuration, and connect your on-premises AD domain to the cloud.

Actual Microsoft AD

Use a service with actual Microsoft Active Directory domain controllers, so your work isn’t slowed down by application compatibility worries. Your IT and security teams can use built-in Active Directory features and standard AD administration tools.

Virtually maintenance-free

Enable your IT and security teams to focus on higher-value tasks, knowing that the service is highly available, automatically patched, configured with secure defaults, and protected by appropriate network firewall rules.

Hybrid identity

Connect your on-premises Active Directory domain to Google Cloud or deploy a standalone domain in multiple regions for your cloud-based workloads, including VMs and applications. Your choice.


An actual AD domain

Decrease compatibility issues using a service that runs real Microsoft Active Directory domain controllers on the latest Windows Server builds. Integrate with Cloud DNS to enable automatic domain discovery for VMs.

Familiar features and tools

Enable your IT and security teams to use standard Active Directory features, such as Group Policy, and familiar administration tools, such as Remote Server Administration Tools (RSAT), to manage the domain.

Highly available

Have more confidence in the availability of your domain controllers knowing that the service runs in a highly available configuration, similar to this topology, in multiple regions.

Automatic patching

Give IT teams more time by allowing the service to automatically patch servers, take AD snapshots for recovery, monitor for issues, and replace domain controllers that fail.


Make Active Directory infrastructure less prone to misconfiguration, knowing that the service is hardened with secure defaults and appropriate network firewall rules.

Multi-regional infrastructure

Deploy the service in a specific region and allow your apps and VMs in that or other regions access the domain over a low-latency Virtual Private Cloud (VPC). Expand the service to additional regions as needed.

Flexible deployment

Achieve a higher flexibility by being able to connect Managed Service for Microsoft AD with your existing on-premises domain or run the service as a standalone domain.



Managed Service for Microsoft AD is available to test at no cost during beta. Pricing information will be published when the service becomes generally available.

Additional costs may incur for using other Google Cloud services, such as Cloud DNS and on-premises connectivity services.

Google Cloud

Get started

Managed Service for Microsoft® AD

Use a highly available, hardened service running actual Microsoft® Active Directory (AD).

This product is in beta. For more information on our product launch stages, see here.

Send feedback about...

Managed Microsoft AD