By Megan Anderson Posted October 28, 2019
Cloud resources have revolutionized the way we do work today. Offices are more mobile, giving employees access to critical resources anywhere, at any time. This enables them to get work done at a faster rate than people could just 20 years ago.
In addition, the quality of that work is better because cloud resources enable greater collaboration. This in turn enhances employee satisfaction and thus, customer satisfaction. The cloud has also empowered small businesses by providing them with resources, such as video conferencing, that were once only reserved for major corporations.
Nowadays, IT organizations using only Active Directory® (AD) stifle their ability to manage cloud resources such as G Suite™, Office 365™, and AWS®. AD is also hampered by limited support for Mac® and Linux devices. After all, AD was created at a time when the phrase “the cloud” hardly referred to anything beyond water vapor.
However, there are ways to make AD work in the cloud-computing era. Here are a few methods to do so.
Azure Active Directory
Azure AD® is a cloud-based service that was released by Microsoft® in 2010 to act adjacent to AD. The goal was to allow AD users to leverage their existing identities with Azure services along with select third-party web applications and Office 365™. But it is not an AD replacement. Rather, it is an additional product meant to extend an on-prem implementation of AD to the cloud.
Azure AD is best for these scenarios:
- IT organizations that are virtually all Windows and will leverage only Azure in the cloud.
- Organizations that are driven by compliance needs to be Microsoft focused and AD-centric.
However, managing non-Microsoft systems, applications, and cloud infrastructure is still difficult to accomplish through Azure AD. There are numerous add-ons that can be used together, like patchwork, to cover these gaps, but one add-on may not work well with another. This can cause conflict that leads to errors which void the value of the add-on entirely, leading to wasted time and effort.
Active Directory Without Azure
One alternative to Azure is Active Directory Federation Services® (ADFS), which provides single sign-on (SSO) access to third-party systems and applications. However, this solution is much more complex and can easily be broken during implementation due to human error. Plus, due to its complicated nature, the amount of time spent setting up — and likely fixing — ADFS can run up a bill. ADFS further cements your infrastructure on-prem and, while it works for web application SSO, it really started its life solving a different problem many years ago.
That, on top of the extra time the IT department must devote to incorporating non-Windows® systems in AD and ADFS, means that more resources are spent on building and repairing your infrastructure rather than on projects you may prefer to be working on.
Extend Active Directory to the Cloud
If your IT environment is comprised entirely of Windows systems and applications, or if you will end up being Azure centric, Azure AD may be something to consider. However, if you work in a mixed-platform environment with a combination of systems, applications, and non-Microsoft providers, you may feel stuck at a dead end.
Plugging add-ons is an option for integrating AD with cloud-based resources, but it is counterproductive for IT workflow. Depending on how many add-ons are used and how extensive the enterprise’s IT department is, it can feel like stepping through a nest of wires and hoping not to trip. A single add-on that did the work of multiple would be the best solution in this case.
For instance, JumpCloud®’s AD Integration acts as both a system management tool and a directory extension. Unlike the gamble of trying to make multiple add-ons work together in harmony, AD Integration is an all-in-one solution. It removes the headache from binding AD to cloud-based and non-Microsoft IT resources by extending AD identities to them.
JumpCloud’s AD Integration also makes it easy to manage Mac and Linux platforms while providing secure connection to WiFi networks through RADIUS. Plus, it gives you a managed solution, a self-service portal for resetting credentials, and the ability to require MFA so that connections to private resources are protected.