Can I Extend Active Directory® To Linux Servers?

By Natalie Bluhm Posted August 20, 2017

Linux is now the most dominant operating system platform for the data center, and is becoming a popular choice for developers. With Linux’s growing popularity, IT and DevOps organizations have been challenged with trying to figure out the most cost-effective and efficient solution for managing access to these machines. With so many organizations leveraging Microsoft Active Directory®, IT and DevOps engineers find themselves with this question: Can I extend Active Directory to Linux servers?

Let’s take a look at some of the challenges that arise when trying to extend AD to Linux servers.

Active Directory Doesn’t Play Well with Linux

There are three significant challenges with trying to integrate AD and Linux machines. The first is that AD wasn’t natively built to support Linux. It can support Linux with some configuration on both ends (AD and Linux), but the result isn’t as smooth as AD’s native support for Windows machines.

The second issue is that most Linux machines aren’t located on-prem. With the rise of Infrastructure-as-a-Service, IT organizations are replacing their data centers with cloud infrastructure hosted at providers such as AWS, Azure, Google Cloud, and more. The challenge is that AD was built around the concept of a direct connection: the Linux machine needs to have clear access to AD. When you start to network remote servers with an on-prem Active Directory server, you’ll need to jump through some networking hoops.

The third issue is security. As with the issues above, you’ll need to make sure that your remote Linux infrastructure can access your on-prem AD server, and you’ll need to do that securely. Exposing Active Directory to the public internet is a huge no-no. Active Directory’s security model was built pre-cloud, so it relies on being in the safe belly of an organization rather than at the perimeter. The cloud model is different: components are generally on the internet or one step removed. That requires a more comprehensive, hyper-vigilant security mindset.

With all of these challenges, it is no wonder that IT admins and DevOps engineers struggle to connect Active Directory to Linux servers. The problem is that Linux is making up an increasing percentage of the overall network.

Extend AD to Linux Servers with a Cloud Identity Bridge

There is an easy way to federate Active Directory identities to your Linux machines: leverage a cloud identity bridge. You’ll simply connect AD to a cloud directory service, which in turn manages user and device access on your Linux machines (Mac too). Your single identity from AD can be utilized for your AWS, Azure, or GCP servers.

Discover how our AD Integration feature can extend your AD identities to Linux servers by signing up for a demo. You’re also encouraged to reach out to us, and we’d be happy to discuss how our virtual identity bridge can centralize your IT environment. We also invite you to start testing our modern, comprehensive directory service by signing up for a free account. Your first ten users are free forever.

Natalie Bluhm

Natalie is a writer for JumpCloud, an Identity and Access Management solution designed for the cloud era. Natalie graduated with a degree in professional and technical writing, and she loves learning about cloud infrastructure, identity security, and IT protocols.
