AD DS on Windows Azure Virtual Machines is not Windows Azure Active Directory.
AD DS running on Windows Azure Virtual Machines (Infrastructure As A Service) is like running an on premise domain controller at the end of VPN link in a Microsoft data centre; see also Guidelines for Deploying Windows Server Active Directory on Windows Azure Virtual Machines.
To quote from that presentation:
What is Windows Azure Active Directory then?
- A Microsoft cloud service that provides identity and access capabilities for applications on Windows Azure and Microsoft Office 365
- A multi-tenant cloud service on which Microsoft Office 365 relies on for its identity infrastructure
- An Identity service that provides identity management and access control capabilities for your cloud applications
- Allows you to extend your existing on-premises Active Directory authentication to your cloud applications
So more like Identity As A Service. The availability of the preview for Windows Azure Active Directory is announced here and the motivations are discussed here with an overview here and a deep-dive here . The associated Windows Azure Authentication Library was announced here with a deep-dive here.
UPDATE: Episode 85 of the Windows Azure Cloud Cover Show covers Windows Azure Active Directory; if you are an IT Pro rather than a developer the first 30 minutes are probably most relevant where you will hear about and see the Graph (RESTful, ODATA based) API that is being used instead of LDAP. Another use case for Windows Azure Active Directory that is given is as a directory for online only companies not wanting to have the infrastructure cost of an on premise (they have no on-premise) directory.
UPDATE: Build 2012 session on Windows Azure Active Directory: enabling single sign on and directory services for cloud SaaS apps