The Active Directory skills gap is approaching: learn about its impacts and steps to combat it
As the baby boomer generation approaches retirement age, organizations across various industries are starting to feel the effects of a skills shortage. Nowhere is this shortage more prominent and critical than in the Microsoft Active Directory (AD) field.

The prevalence of Active Directory

Active Directory is a vital component of the Microsoft Windows Server operating system, providing a centralized database of user accounts and network resources. It is used by organizations of all sizes, from small businesses to large enterprises, to manage user access, permissions, and other network resources. According to Frost and Sullivan, 90% of the Global Fortune 1000 companies use it as a primary method to provide seamless authentication and authorization.

The baby boomer generation, which includes those born between 1946 and 1964, has played a crucial role in developing and managing IT infrastructure, including Active Directory. As this generation begins to retire, the industry faces a significant Active Directory skills gap that will be quite challenging to fill.

Why is there a bigger skills gap for Active Directory?

There are several reasons why the upcoming Active Directory skills shortage is more prominent and critical than in other areas of IT.

It’s a mature technology

Active Directory is a mature technology that has been around for over 20 years. As such, many of the baby boomers involved in the development and implementation of Active Directory are now reaching retirement age. These individuals have decades of experience with the technology and have developed a deep understanding of how it works and how to troubleshoot problems as they arise.

As younger professionals take on more significant responsibilities managing Active Directory environments, they will have to learn on the job and rely on resources like online forums and documentation. While these resources can be helpful, they cannot replace the hands-on experience and expertise of seasoned professionals. This experience cannot be replaced quickly either, and the loss of seasoned professionals will leave a significant gap in the industry’s collective knowledge of Active Directory.

It’s critical to your IT infrastructure

Active Directory is a foundational technology that underpins many other critical IT systems. It’s not just used to manage user accounts and permissions, but it’s also used to authenticate users, authorize access to network resources, and manage security policies. If Active Directory is not functioning correctly, it can cause significant disruptions to an organization’s IT infrastructure and even lead to security breaches.

As such, it is essential that Active Directory is managed by professionals with a deep understanding of how the technology works and interacts with other IT systems. The loss of experienced Active Directory professionals can lead to increased downtime, security breaches, and other IT-related issues that can negatively impact an organization’s bottom line.

It’s complex

Active Directory is a complex technology that requires a broad range of skills to manage effectively. It is more than just a matter of knowing how to create user accounts or manage group policies. Active Directory professionals must also have a deep understanding of networking, security, and other IT systems.

For example, Active Directory relies heavily on the Domain Name System (DNS), which translates domain names into IP addresses. If DNS is not functioning correctly, it can cause issues with Active Directory, such as the inability to authenticate users or access network resources. Active Directory professionals must have a deep understanding of DNS and other networking technologies in order to troubleshoot these types of issues effectively.
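
To make the DNS dependency concrete, here is an added example (not from the original article or from any Quest product) of a health check an administrator can run: it queries the SRV records that clients use to locate domain controllers and confirms each target resolves to an address. The function name Test-DcLocatorDns and the domain corp.example.com are placeholders chosen for illustration.

```powershell
# Added example: verify the DNS records that domain-joined clients use to
# locate domain controllers. 'corp.example.com' is a placeholder (assumption).
function Test-DcLocatorDns {
    param(
        [Parameter(Mandatory)] [string] $DomainName
    )

    # Clients find domain controllers through this SRV record set.
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
            Where-Object { $_.Type -eq 'SRV' }
    } catch {
        Write-Warning "SRV lookup failed for ${srvName}: $($_.Exception.Message)"
        return @()
    }

    foreach ($record in $srv) {
        # Each SRV target must itself resolve to an address; otherwise clients
        # are pointed at a domain controller they cannot reach by name.
        $addresses = @()
        try {
            $addresses = Resolve-DnsName -Name $record.NameTarget -Type A -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' } |
                Select-Object -ExpandProperty IPAddress
        } catch {
            Write-Warning "No A record for $($record.NameTarget)"
        }

        [pscustomobject]@{
            DomainController = $record.NameTarget
            Port             = $record.Port
            Addresses        = $addresses -join ', '
            Resolves         = [bool]$addresses
        }
    }
}

Test-DcLocatorDns -DomainName 'corp.example.com' | Format-Table -AutoSize
```

An empty result or any row with Resolves set to False points to the kind of DNS fault that surfaces to users as failed logons.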

Lack of training

The skills required to manage Active Directory are not always taught in traditional IT programs. Many IT professionals learn on the job or through certifications, such as the Microsoft Certified Solutions Expert (MCSE) certification. While these certifications can be helpful, they provide a different depth of knowledge and experience than years of hands-on experience. To make things worse, as of January 31, 2021, Microsoft has completely retired the exams for its Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Developer (MCSD), and Microsoft Certified Solutions Expert (MCSE) training tracks. And it’s not just exams; many courses that deal with fundamental skills, such as Windows Server 2019 administration, have been retired or will be soon, making it even harder for newer generations to acquire Active Directory skills.

As such, the upcoming Active Directory skills shortage will be challenging to address quickly. Organizations will need to invest in training and development programs to help younger IT professionals gain the necessary experience and knowledge to manage Active Directory effectively. However, this will take time, and in the meantime, organizations may face challenges in managing their Active Directory environments.

How to plan for the skills shortage

Assess your skills gap

You will need to get the big picture of your Microsoft infrastructure, applications, people and processes. This can be done with Active Directory reporting solutions that evaluate your configurations and the state of your Windows computers, file servers, domain controllers, permissions, users and group memberships in addition to your business and HR requirement discovery processes. You will be looking to learn what the IT risks are with your current team and processes, how deep the skills gap is, and what current applications or processes may be impacted.

Implement redundancy and training procedures

While staffing may be limited, it will be critical to ensure you have a backup in place for each person. This may require reorganization of current roles and responsibilities. Pairing new team members with experienced engineers is another great way to build redundancy, ensure knowledge transfer and open up growth opportunities for existing team members.

Hands-on training is important, so creating a mentor or training program led by more experienced team members will increase your team’s overall competency level and ensure exposure to important areas like cloud computing, cybersecurity and disaster recovery.

Automate and document processes

You can leverage Active Directory management software to help you automate and create easily repeatable and documented workflows and processes for auditing, controlling and securing your Microsoft infrastructure. Having your existing team help to document, test and verify all the critical tasks and processes will also ensure you can troubleshoot any gaps or fix processes while implementing standardization and training.

Invest in talent

There is a widespread talent shortage across the board in IT and cybersecurity, so retention will be important going forward. Being vocal with stakeholders in your company about how essential these functions are, and doing your best to remain competitive when it comes to compensation and benefits, will be key. Additionally, ensuring a healthy work-life balance, flexible options like remote work, and defined career pathing will be just as important. When recruiting new talent, be mindful that there may be experience gaps with newer generations, so hire for passion and willingness to learn various IT functions.

Prioritize disaster recovery

It’s become a matter of when, not if, your organization will be impacted by a disaster of some sort. Whether human error, a natural disaster or a cyberattack, the odds are stacked against anyone who works in IT. Prioritizing and investing in recovery solutions and strategies has never been more critical. According to a recent Forrester study, the cost of downtime for Active Directory alone is an astounding $730,000 per hour!

As mentioned earlier, Active Directory is complex, making it extremely complicated to recover in the event of a major disaster or ransomware attack. Active Directory recovery solutions will be vital in significantly reducing the time and effort required when needing to recover.


The upcoming Active Directory skills shortage will not just be a technical issue, but a business issue as a whole. Organizations rely heavily on IT systems like Active Directory to conduct business. If your organization is facing similar challenges, you will find valuable information below.

Don’t let the retirement crisis become a security crisis

View the Whitepaper

About the Author

Fouad Hamdi

Fouad Hamdi is a senior strategic systems consultant at Quest Software. For 25 years, he has helped international organizations manage, migrate and secure their IT infrastructures, focusing on Active Directory and Microsoft 365. He has a passion for technology and cybersecurity, from hardware to software, and loves to follow new trends by attending large tech conferences like Defcon, BlackHat and CES. Fouad holds a Master’s degree in computer science from the French National Conservatory of Arts and Crafts.
