By Ryan Squires Posted November 24, 2018
Today’s modern IT environment is filled with Mac® endpoints. Some shops now leverage solely macOS® systems. The problem that many IT admins are faced with is just how to manage all of these Mac systems. Because most IT networks in the past used to be on-prem and Windows®-based, many IT admins are quick to wonder whether using Active Directory® for macOS® environments is a feasible option.
An Active Directory Past
Perhaps because of the dominance that Microsoft® has enjoyed with their Active Directory platform, AD is the default directory that sysadmins think of. And that makes a lot of sense. When Microsoft Active Directory was designed over two decades ago, the IT infrastructure it was intended to control was largely Windows-based and on-prem. We have to remember that the vast majority of systems some twenty plus years ago were desktops—large, beige desktops.
Because of this early arrangement, the view was that Microsoft could lock-in their customers to high-margin solutions such as Windows® and Office™ and tie it all together via Active Directory . With all this context, it is easy to understand that AD is optimized for Windows. Microsoft has never really had an incentive to introduce support for competing endpoints. They want their customers to remain cuffed to Microsoft solutions.
macOS Enters the Fray
The problem for IT admins though, is that over the past decade Apple’s Mac platform has made tremendous inroads into enterprises. People simply want to use them. A recent survey indicates that when given the choice, 72% of enterprise employees would choose a Mac system. The problem is, Microsoft doesn’t care much for accommodating those requests. Perhaps that’s why only about half of enterprises allow their employees to make that choice. Nonetheless, IT organizations and their admins are struggling to manage the Mac platform. Those with Active Directory in place have generally been left with two options to manage macOS environments: invest in add-on solutions like an identity bridge or leave Mac systems unmanaged. Both options are far from ideal.
The problem with identity bridges is that they’re expensive and add-on not only to the AD infrastructure but to its price as well. Second, not managing your macOS systems can present a major security concern. With no ability to implement password complexity requirements, screen lock, or multi-factor authentication (MFA) any lost Mac is enough to keep an IT admin up at night. But this doesn’t have to be the case.
A New Solution for macOS Environments
A new solution has emerged to help manage macOS systems from the cloud, and its called JumpCloud® Directory-as-a-Service®. Because it’s delivered as a Software-as-a-Service (SaaS) solution from the cloud, that means no more space-consuming, heat-generating AD implementation to wrestle with. As a platform-neutral solution, you will be able to manage all major systems, Windows, Mac, and Linux®, from a single “pane of glass.” JumpCloud also offers the System App, that allows users to reset their passwords right on the system, which takes a significant amount of strain off IT admins. But, that’s not all.
JumpCloud was designed to enable access to just about any IT resource you can think of including web and on-prem applications like Slack, GitHub™ and Jira®, and cloud infrastructure platforms such as Amazon Web Services® (AWS®), Google Cloud™, and Azure® as well as virtual and physical file servers, RADIUS-protected networks, and more. In addition to these capabilities, JumpCloud is very serious about security, so our cloud-based platform will enable you to manage systems with GPO-like Policies, adopt multi-factor authentication (MFA), and establish event logging.
Learn More About JumpCloud
Using Active Directory for macOS environments will likely present quite the challenge for IT admins. Sign up today for JumpCloud Directory-as-a-Service to see how a platform-agnostic solution can help you to streamline your IT environment. Drop us a line today to learn more, or visit out Knowledge Base for help with getting your account set up.