By Vince Lujan Posted September 6, 2017
Microsoft Active Directory® (AD) is the most popular solution for directory services currently available. Yet, its success is largely dependent on a Windows focused on-prem environment. As the world moves to the cloud and to a wider variety of platforms, many IT admins are wondering if there is an option for Active Directory as-a-Service?
If you’re looking for a solution from Microsoft, the short answer is no. However, there are alternatives available. Directory-as-a-Service® is one such solution, and many see it as a window into the future of the identity and access management (IAM) space.
Active Directory Had It Easy
Microsoft introduced Active Directory in 1999. The IT world was different then, with Microsoft Windows® dominating the landscape and virtually all resources on-prem. It’s why AD, which was designed to manage Windows on-prem resources, quickly became the monopoly in the space.
In the mid-2000’s, the IT network started to change. SaaS-based solutions like Salesforce led the way, and their success prompted many other services to look towards the cloud. IT organizations started to see Mac and Linux devices show up – whether they liked it or not. Data centers started to shift to the cloud, web applications started to become more popular and, the network infrastructure started to shift to WiFi.
These next generation cloud solutions had huge ripple effects. Unfortunately, they didn’t come with a next generation management solution to match. Without viable alternatives, organizations continued to lean heavily on AD. This approach worked for a short time while cloud solutions were still a relatively small part of operations. But as platforms like AWS® and Google Apps became critical to the overall business, IT admins began to realize they needed to be more agile, secure, and reliable. For many, that meant a cloud-forward solution to directory services.
On-prem Directory Services: The Issue Persists
The trouble was (and still is) that AD doesn’t work that way. For example, some IT admins tried to leverage a hosted AD solution, which was really just an AD instance moved to a cloud provider. Unfortunately, this didn’t really change much for IT other than who hosted the physical hardware. The labor involved was still the same and the costs were largely equivalent, if not more.
Today, Microsoft is well aware of the cloud-forward mindset, which is partially why they introduced Azure Active Directory. Its release prompted many admins to get excited at the thought of AD-as-a-Service. However, just as many admins were disappointed to find that Azure AD is simply another extension to their on-prem AD instance. In other words, while Azure allows you to move one foot to the cloud, the other foot must be firmly rooted on-prem.
Fortunately, a new option has recently emerged called Directory-as-a-Service (DaaS). DaaS is a virtual identity provider that securely manages and connects user identities to the IT resources they need. Those IT resources could be Windows, Mac, or Linux systems, cloud and on-prem servers (e.g. AWS, GCP, internal data centers), web and on-prem applications via SAML and LDAP, physical and virtual storage solutions, and wired and WiFi networks via RADIUS.
While not technically an Active Directory as-a-Service, JumpCloud’s DaaS is essentially what people are looking for when they use that term. JumpCloud is a comprehensive SaaS-based directory service. In many way, Directory-as-a-Service is really a reimagination of what Active Directory or OpenLDAP should look like for the cloud era.
If you are looking for Active Directory as a Service, check out Directory-as-a-Service. You might like our next generation cloud identity management platform more and it could be your cloud hosted Active Directory replacement.