When Active Directory No Longer Fits

By Greg Keller Posted April 24, 2017


Organizations make assumptions. In the IT world, they make a large number of them in order to simplify their lives. But just because an assumption was correct in the past doesn’t mean it won’t prove to be false over time.

One of the assumptions that we see organizations facing again and again involves their directory. The assumption is this: Microsoft Active Directory® is the default for directory services. The truth is that as the IT landscape has evolved dramatically in the last decade, directory services have transformed too.

So let’s reassess our assumptions when it comes to the directory. When is Active Directory the “default right choice” for your company? And when does Active Directory no longer fit?

When Active Directory Ruled the World


Internal networks started to emerge in the 1990s, and a critical part of the problem quickly became how to manage access and user permissions on the network. Who should have access to what IT resource? Of course, the issue of user access control has become even more important in the decades that followed. But at the time, there wasn’t an easy way to manage user access. Our advisor Tim Howes and his colleagues invented the LDAP protocol, which made it much easier to create a directory services platform. This was subsequently done with the open source OpenLDAP™ and the commercial Microsoft Active Directory.

Networks became increasingly homogeneous over the 1990s and early 2000s due to Microsoft Windows being the dominant platform. Microsoft Exchange was the email platform of choice, and the data center was generally on-prem or at a colocation facility. Applications were most often built on top of the Windows operating system, and even if there were remote offices and workers, they all connected back to the main location. That main location had always hosted the directory services solution, most often Active Directory.

IT Grows Up – and Active Directory No Longer Fits


It was easy to see why IT would pick AD as its solution of choice. It was often just assumed that AD was the right choice, and IT would rarely search for other solutions. It just didn’t make sense to go with anything other than Active Directory considering how the IT landscape looked at the time. Fast forward to modern times, though, and the IT landscape is dramatically different. Only one in five devices is Windows (Forbes). Google Apps and Office 365 are leveraged for email and the productivity suite. Data centers are obsolete with AWS. Applications have shifted to the cloud.

The underlying assumptions that validated the decision to go with AD are no longer in place.

The Cloud-Forward, Platform Independent Directory  


The question then becomes: when Active Directory no longer fits, what should IT do? The good news is that there are modern directory services solutions that better fit today’s cloud-forward organizations. Directory-as-a-Service® is a cloud-hosted directory service that connects user identities to the IT resources they need, and can replace Active Directory. Those resources include Mac and Linux devices, AWS cloud infrastructure, SaaS applications, Google Apps and O365, and more. In short, this unified cloud directory matches the modern, heterogeneous IT environment in a way that AD cannot.

Learn More About Replacing Active Directory

If you are thinking about what to do when Active Directory no longer fits your IT organization, drop us a note. We’d be happy to talk to you about how Directory-as-a-Service is a replacement for Active Directory. Or, feel free to sign up for a free account. Your first 10 users are free forever – no credit card required.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.
