Active Directory® for Apple®

By Zach DeMeyer Posted December 30, 2018

Active Directory® for Apple®

Microsoft® Active Directory® is the IT industry standard in the directory services space. Although the Windows®-based identity provider is so prevalent, Apple’s® Macs® are becoming popular in the workplace more than ever. And there’s the rub, as they say, because Active Directory (AD) struggles to authenticate Mac devices. So, is there an Active Directory for Apple? Isn’t Open Directory (OD) Apple’s version of Active Directory? Unfortunately, the answers to those questions aren’t so simple anymore.

Active Directory vs. Open Directory

mac management with active directory

First, a brief history lesson. Active Directory was officially introduced with the release of Windows Server 2000. At the time, Apple was long past the days of the legendary Cupertino garage, selling models like the Power Mac and others. Despite this, the now tech giant had yet to really impact the enterprise, especially regarding system and identity management. Apple realized that they needed to compete with AD, which was quickly becoming a giant in the directory services space. Open Directory was the answer to that need, a competitor to Active Directory, but for Apple systems.

At their basest, both AD and OD are similar in nature. Both are on-prem directory services, based around LDAP and Kerberos. Both are tailored to suit their native environments/OS. And, unfortunately, in this day and age, both are becoming increasingly passé.

A Changing IT World

With the massive changes in the recent IT landscape, neither AD nor OD are really what they once were to IT organizations. The shift to the cloud is dramatically changing the way IT admins approach identity management, and, in particular, the nature of the identity provider. Today’s IT environments aren’t as cut and dry as the cube farms of a decade or so ago. When it comes to systems, more and more environments are becoming heterogeneous (Mac, Windows, and Linux®). Employees are reliant on applications delivered both from the cloud and on-prem. Networks are wireless, and the amount of remote workers is climbing.

For IT organizations, while these changes brought about plenty of improvements, they also brought about challenges. Using a directory service like AD or OD, both tied on-prem and to its respective platform, puts IT admins at a stark disadvantage while managing authentications to the cloud. And, in the fast pace of today’s working world, that disadvantage is tantamount to either an incomplete identity management approach, or a host of add-ons that add extra time and cost to an admin’s work.

So is There an Active Directory® for Apple®?

Moving MSP infrastructure to the cloud

The good news is that there is a new cloud directory service concept that is really not only Active Directory for Apple, but a reimagination of Active Directory in the cloud. This Directory-as-a-Service® takes the best of both AD and OD worlds, including system and user management, and offloads it, serverless, to the cloud. Couple that with True Single Sign-On™ thanks to RADIUS, LDAP, and SAML and you’ve got a world class Active Directory replacement, not only for Windows and Mac, but Linux as well.

Try JumpCloud® Directory-as-a-Service today, absolutely free, and, to help you get started, it even comes with ten users free forever. To learn more about this “Active Directory for Apple” and much more, you can contact us with questions. Lastly, feel free to utilize our Knowledge Base or watch a video on our YouTube channel.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts