By Greg Keller Posted November 3, 2016
The IT market is an interesting one to observe. With technology moving at such a rapid pace, it is worth watching which technologies sustain themselves for many generations and which don’t.
Recently, the on-premise directory has come under the microscope. IT admins are asking themselves and their colleagues, “Is Active Directory relevant anymore?”
The Need for Active Directory®
AD relevant? More like mandatory. For almost two decades, Microsoft has been able to keep AD practically compulsory for most organizations.
So until now, it really hasn’t been a question as to whether you needed AD or not. It was just assumed that you would implement it. In fact, if you asked most IT admins about directory services they couldn’t name more than two solutions – AD and OpenLDAP!
When somebody asks whether AD is relevant anymore, that’s a pretty major departure from the views of the past two decades. But there is good reason for the question. The IT world isn’t what it used to be. Fundamental shifts in the IT landscape are changing the relevance of Active Directory.
Those changes include the following:
Organizations are moving to the cloud: AWS for data center infrastructure, G Suite and/or Microsoft Office 365 for productivity applications, and cloud-hosted versions of applications that previously were on-prem (e.g. CRM, HR, accounting, source code control, and more). Active Directory struggles with anything not located on the local network. Each IT resource requires a direct connection to the network where Active Directory is hosted, and because of AD’s security model, it isn’t possible to put it on the public network. The result is VPNs and other networking paths to connect to AD.
In a cloud-forward world, that doesn’t make sense and is a great deal of overhead.
Mixed Platform Environments
Active Directory doesn’t do a great job with other OS platforms such as macOS or Linux. The result is that you either need to jump through hoops to try and get AD to connect to non-Windows platforms or you will end up purchasing an additional, third-party solution to cover AD’s weaknesses.
Of course, today’s modern IT infrastructure is heterogeneous and not tied to Windows.
Hardly a day goes by without a security breach. Largely, these breaches are a function of compromised credentials. Somehow, some way, a hacker has obtained a user’s credentials, and those are then leveraged to access an organization’s critical infrastructure.
Active Directory didn’t grow up in a time when security was as important as it is today, so it ends up lacking a large number of critical security features to help protect credentials, detect breaches, and provide detailed audit and logging data.
Microsoft sells AD under the same sort of model that it has used for almost two decades. While you can purchase AD under a subscription model, it isn’t like the modern SaaS models that many organizations are leveraging. Those organizations are able to pay for only what they use, on an ongoing basis rather than up-front.
The SaaS model is advantageous to customers because of how it shifts control from the vendor to the customer.
So is Active Directory Relevant Still?
The truth is that for most cloud-forward, heterogeneous IT organizations, Active Directory just isn’t relevant anymore. The positive news is that there is a new generation of technology called Directory-as-a-Service® focused on solving a number of these Active Directory shortcomings. Think of Directory-as-a-Service as AD and LDAP reimagined for the modern cloud era.
If you would like to learn more about whether Active Directory is relevant for your organization or not, drop us a note. We’d be happy to walk you through the pros and cons of Active Directory and compare that to the AD alternative, Directory-as-a-Service.
Or sign up for a free account and try the cloud identity management platform for yourself. Your first 10 users are free forever.