Identity and Infrastructure Deployment Models

activate’s deployment model is shaped by your organisation’s identity landscape, whether you operate in azure, on premises active directory, or a hybrid of both your chosen model defines the setup steps, dependencies, and required integrations overview each deployment model impacts the following areas active directory requirements and permissions network layout and connectivity server placement (provisioning server and web) sql database location clustered or single server configuration physical or virtual hosting (on premises or cloud) certificates and azure applications deployment models activate supports three main deployment models hybrid cloud only on premises only each model shares many components but differs in how authentication, data access, and service connectivity are implemented hybrid deployment the hybrid model is the most common and aligns with microsoft’s recommended enterprise architecture it integrates on premises active directory with entra id (aad) and office 365 , typically via azure ad connect requirements three azure application registrations orchestrator – backend communication and provisioning login – authentication for users and administrators eol authentication – connection to exchange online two certificates one for the website binding and orchestrator communication one for eol authentication service accounts orchestrator service account web service account exchange connectivity supports hybrid environments with on premises and cloud exchange mailboxes typical use case enterprises managing both on premises and cloud workloads who require secure, low latency communication between internal systems and microsoft 365 cloud only deployment the cloud only model is suitable for organisations that have fully transitioned to microsoft 365 and azure ad without maintaining local active directory infrastructure requirements three azure application registrations orchestrator login eol authentication two certificates one for web binding and backend communication one for eol authentication service accounts orchestrator service account web service account typical use case modern organisations operating exclusively in microsoft 365 and azure, where all identity and authentication is managed through azure ad on premises only deployment the on premises only model is for organisations with no dependency on cloud services all components, including active directory and exchange, remain within the internal network requirements three application registrations orchestrator login one certificate for web binding and backend communication on premises exchange service accounts orchestrator web service typical use case highly secure or isolated environments that cannot connect to the cloud or have strict internal security controls maintenance because microsoft frequently updates its cloud services, it is recommended to patch activate every 6–9 months to maintain compatibility with azure and microsoft 365 summary true 110,110,110,110,110,111 unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type unhandled content type