By Greg Keller Posted November 5, 2016
Microsoft Active Directory became the leading directory services platform in the 2000s. There were a number of reasons for the ascent of AD, first and foremost being Microsoft’s dominance of the OS and enterprise software market (e.g. Word, PowerPoint, Excel).
But with the shift in the IT landscape, there are a large number of Active Directory challenges that IT organizations are fighting.
Active Directory Background
Microsoft introduced Active Directory in 1999. It was a perfect time for them to introduce a centralized user management platform. Microsoft owned the IT landscape with virtually all of an organization’s infrastructure being based on Windows systems and applications.
As the most dominant platform, Microsoft decided with Active Directory to centralize IT control over systems, applications, and networks. A user could be provisioned, deprovisioned, or modified from AD – as long as the platform was Windows.
This, of course, created a virtuous cycle for Microsoft. With a large population of Windows machines and applications, IT admins could easily control user access with AD. With AD, you could add more Windows systems and applications for seamless integration. One begat the other.
Evolution in IT Brings Challenges for AD
Over the last few years, though, the IT landscape has shifted and is continuing to shift.
- Windows is no longer the monopoly that it once was within IT networks.
- Only one in five devices is now Windows when including mobile devices [Forbes].
- The data center has largely shifted to AWS and is based on Linux.
- Applications are now being delivered from the cloud and the local network is largely WiFi-based.
In short, the internal IT network is dramatically different than it was two decades ago when AD was introduced. This, of course, presents a number of significant challenges for organizations that are leveraging Active Directory.
Mixed Platform Environments
With macOS and Linux being as popular as ever, AD is managing less of an organization’s IT resources. This creates a number of problems.
First, IT admins don’t have a central user management platform. They need to go to multiple spots to provision, deprovision, and modify users.
Second, if they do want to tie all of their users back to AD, they will need third-party software solutions to add to their identity management infrastructure.
Third, IT admins lose critical features as they add new platforms. For instance, Group Policy Objects don’t work with macOS and Linux.
Cloud and Remote Users / IT Resources
Active Directory was created at a time when most IT resources were hosted on-prem. As a result, AD assumed direct access to IT resources. When users, systems, or applications are located in the cloud or around the world, they need a way to connect directly to AD, and that means networking hoops and hurdles. Most likely, IT admins will need to deploy VPNs or additional network connections to connect to AD. That adds tremendous work and cost to the identity management implementation.
Identity theft has become one of the most critical problems that IT organizations face. The right compromised identity could be the keys to an organization’s digital kingdom. Active Directory was built during a different era where security was not nearly as important as it is today. Different approaches to protecting credentials and managing access are required. Further, with many IT resources being remote, the security model needs to shift.
Avoid these Active Directory Challenges with an Alternative
Unfortunately, Active Directory has not kept up with the changing times in IT. This has caused a new generation of cloud identity management platforms to appear. Directory-as-a-Service® is AD and LDAP reimagined for the cloud era.
As an independent, cross-platform solution, this virtual identity provider treats Windows, macOS, and Linux as equals. Those systems can be located on-prem or in the cloud, just as applications and users can be. Because the SaaS-based directory service was built from the ground up with security in mind, it is meant to be deployed in modern, cloud-forward organizations.
If you would like to learn more about how Directory-as-a-Service can solve your Active Directory challenges, drop us a note. Or, alternatively, sign up for a free account and try it for yourself. Your first 10 users are free forever.