By Kayla Coco-Stotts Posted January 22, 2020
Microsoft® Active Directory® (AD) has been a mainstay within organizations for decades, providing IT admins with a directory service that effectively manages fleets of Windows® systems and users. For small businesses and MSPs, AD was an indispensable tool that allowed IT admins to leverage secure control over an entire workplace.
However, with the rising adoption of cloud-based, non-Windows resources like macOS® and Linux® systems, small businesses and their managed services providers (MSPs) have begun to question whether Active Directory is still the best option. Is there another option for managing users, systems, and applications that is flexible and cost-effective for IT admins and MSPs in smaller organizations?
Directory Services for Small Businesses and MSPs
Leveraging a core identity provider (IdP), which is put in place by IT admins or their MSPs, can effectively organize and secure virtually all of a business’ IT resources regardless of how large or small they are.
When leveraged through an MSP, organizations can alleviate financial pressures associated with managing the entirety of their IT infrastructure in-house. MSPs can operate efficiently with an inclusive, cloud-based directory service that can be leveraged from anywhere, not just on-prem. As a result, this cloud service provides cost-effective management for the IT infrastructure of a small business.
Additionally, directory services are imperative for small businesses looking to combat the increasing threat of hackers and phishing, with cybercrime damages reaching an average of $13 million per organization in 2018.
Leveraging a secure, core IdP that can connect users to virtually any IT resource from the cloud can transform an IT admin’s workflow by automating processes like onboarding and offboarding. It also gives admins the tools required to authorize and authenticate users so that users may accomplish their daily tasks.
In contrast, let’s take a look at the costs, productivity, and flexibility of AD as it relates to the success of IT admins in small businesses, as well as MSPs.
Active Directory offers a wealth of services that IT admins can employ to manage Windows systems housed within an organization. Of these, the most common are:
- Centralized identity and access management
- Password management
- Group policy objects (GPOs)
- LDAP/Kerberos support
However, for modern small businesses and MSPs looking to bridge their services to non-Windows resources like Mac and Linux machines, AD struggles to effectively control and manage services outside the scope of Microsoft’s IT stack.
IT admins and MSPs can add third-party tools, or add-ons, to extend AD to disparate systems, but the increased cost, management, and occasionally, limited support leaves a great deal to be desired by those managing infrastructure. Ultimately, this can lead to admins leveraging additional third-party services and extensive licensing on top of other solutions to get AD to operate for modern infrastructure. The costs associated with implementing hardware, add-ons, monitoring, backups, data centers/on-prem servers — and the time associated with such extensive implementation — can be overwhelming for MSPs and IT professionals within small businesses.
Additionally, AD is still housed on-prem, requiring admins to maintain legacy hardware, as well as forcing them to add solutions to provide authentication and access for users on web-based applications and productivity suites like G Suite™ and Office365™.
IT admins and MSPs within small businesses should utilize a directory service that caters to a modern, heterogenous workplace. This core IdP should function fully across all platforms without forcing admins to toil away with add-ons.
When it was introduced in 1999, the goal of Active Directory was to make the idea of IT management for admins working on Windows desktop computers a productive one, with an IT professional easily maintaining and controlling user access to the array of systems all housed under one roof. What AD struggles with now is maintaining productivity for an IT admin wishing to leverage one directory service over a variety of systems and applications.
Microsoft® introduced cloud-based Azure® Active Directory (Azure AD) as a way for users to connect to external resources like Office365 and Azure. This service was designed to be used in conjunction with on-prem AD, granting IT admins access to web applications previously hosted entirely apart from AD. However, Azure AD ultimately hinders admin productivity and increases costs by introducing an additional components required for managing web applications and cloud-based resources.
Modern directory services should offer one interface for admins to work off of, maintaining productivity while giving professionals the tools they need to grant users access to a host of cloud-based applications and services.
With innovation there must be flexibility. In the world of technology, innovation is ever-present, and people across the globe are enjoying the benefits of improvements within the computing and digital space.
Unfortunately, AD struggles to remain flexible in such transformative times. IT admins within small businesses, as well as MSPs, are forced to sacrifice a move toward modernization as a result. Because AD does not natively support macOS systems, Linux machines, productivity suites, and applications, admins resort to implementing security protocols and services outside AD to keep their networks secure.
For small businesses, the threat of hackers is substantial and can be financially devastating. AD is rigid in its implementation and protection, leaving a large scope of services unprotected until admins enact protocols like SAML and RADIUS (which require extensive implementation as well).
Modern Directory Services for Modern Small Businesses
JumpCloud® Directory-as-a-Service® (DaaS) provides small businesses with the flexibility required to maintain productivity with modern technology. With a centralized, domainless cloud directory, admins are able to implement cross-platform management in a secure, provisioned way.
In addition, DaaS gives MSPs the opportunity to work in conjunction with a directory service that focuses on the inclusion of most IT resources companies need, all from a singular, cloud-based interface. With one domainless directory service, MSPs can generate more profit and save their clients money.
DaaS provides admins with the entire set of tools they need for successful user management while saving professionals time with group-based provisioning and end user self service.
Interested in trying out a cloud-based directory? You and up to 10 users can try it for free, forever.