Directory-as-a-Service: All the LDAP with None of the Pain

By Greg Keller Posted May 13, 2015

ldap daas directory-as-a-service lightweight directory access protocol

The Lightweight Directory Access Protocol has been around for almost two decades and is one of the standard protocols for directory services. In that time, many tools have been developed that leverage LDAP as the underlying protocol to authenticate and authorize users to devices, applications, and networks. Some of these tools are open source, others commercial software.

OpenLDAP is the leading open source solution that IT admins have been leveraging. If you ask those IT admins about it, universally you will hear, “highly flexible, but painful to implement.”

OpenLDAP: Painful to Implement

Setting up and configuring OpenLDAP on your own is a challenge. It may claim to be “lightweight”, but there is nothing lightweight about the implementation. IT admins struggle through installing, configuring, and then making it highly available.

The challenges show up particularly as IT admins start to connect their devices, applications, and networks up to their OpenLDAP user store. Linux based devices are relatively straight forward. Move to Mac OSX and things get complicated quickly.

Applications sometimes have well documented connection settings, but more often than not the process is convoluted. It all depends upon how OpenLDAP has been set up and how the application wants to access the user directory.

How to Make the Best of OpenLDAP

At JumpCloud, we see the incredible value in OpenLDAP. A central user store is critical to the foundation of a company. As more organizations are leveraging IT to be the core engine powering their company, building a strong foundational infrastructure is important.

Controlling user access across the enterprise is a central part of that foundation – and, that’s where it can play a strong role. LDAP can be the central user store to appropriately connect your users to the IT resources that they need.

To that end, JumpCloud built a directory service that makes it easy for IT organizations to leverage LDAP but not endure the pain of implementing, managing and using it.

LDAP and Directory-as-a-Service™

JumpCloud’s Directory-as-a-Service provides is a cloud-based directory solution enabling devices, applications and virtually any IT resources to authenticate and authorize users via the LDAP protocol.

Users are added to JumpCloud and then devices and applications can validate access through LDAP. Admins will find it much easier to connect devices, applications, and networks to JumpCloud’s LDAP server.

All of the settings and configurations have been standardized so that it is much easier to figure out how to put everything together. For added guidance, JumpCloud has a number of examples of connecting a variety of popular applications to it’s LDAP server endpoint.

All the Benefits of LDAP, None of the Pain

With Directory-as-a-Service, IT admins finally get what they want out LDAP. The core user directory can even be used for other protocols, including SAML, RADIUS and REST-based APIs.

JumpCloud’s Directory-as-a-Service can serve as your LDAP user directory, but also integrate with other devices and applications that may not leverage LDAP. All of this without the pain of running your own directory services.

If you are interested in leveraging LDAP without the heavy lifting, give JumpCloud a try. 10 users are free forever.

learn more jumpcloud
Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.

Recent Posts