Cloud Alternative to Active Directory

Written by Jon Griffin on January 27, 2018

Microsoft Active Directory (AD) is the most popular on-prem directory service solution currently available. The trouble is that modern IT organizations seek to eliminate the majority of on-prem IT infrastructure in favor of hosted replacements. That is why many IT organizations are interested in a cloud alternative to Active Directory, called JumpCloud Directory-as-a-Service®.

A cloud AD alternative can be highly advantageous for modern IT organizations. Before we explain how, we should step back and outline the evolution of identity management to reveal why directory services are better in the cloud.

Characteristics of Active Directory

The modern era of identity and access management (IAM) emerged with the advent of the Lightweight Directory Access Protocol, otherwise known as LDAP. LDAP was created by our advisor, Tim Howes, and his colleagues at the University of Michigan in 1993. Howes told us they created the protocol to help secure decentralized IT environments.

Two major identity providers emerged from LDAP a few years later. The first to arrive was OpenLDAP™, which would become a niche solution primarily for data center implementations. The other was Active Directory, which has become the commercial market share leader. Nevertheless, both solutions have LDAP to thank for their ability to manage the homogeneous, on-prem IT networks they were designed to support.

However, IT networks started to change in the 2000s as web applications (e.g., Salesforce, Google Apps) and cloud infrastructure (e.g., AWS, GCP) started to replace on-prem solutions. Then, Windows® laptops and desktops started to make way for Mac and Linux systems. Even Windows file servers were replaced with cost-effective Samba file servers and NAS appliances as well as cloud solutions such as Box and Dropbox. In short, IT infrastructure was completely transformed.

Today, IT resources are shifting to the cloud in droves. IT management tools are no exception, and that is why IT admins are interested in a cloud alternative to Active Directory. The good news is that a next generation identity management platform has emerged that is effectively AD and LDAP reimagined for the cloud era. The next generation solution is called Directory-as-a-Service, from JumpCloud.

Bridging AD to the Cloud

With the shift in the IT landscape, many IT admins ponder the best way to bridge Active Directory to the cloud. Microsoft no longer operates as the center of the technological world, and the rapid growth of the cloud means that IT professionals now have to handle a variety of cloud-based applications in the modern workplace.

As environments grew to include cloud infrastructure, web applications, Mac and Linux systems, WiFi, and more, IT admins struggled not only with connecting their users to these IT resources but also with securing the overall infrastructure.

With Active Directory at the core, many have started to look for add-ons like directory extensions and identity bridges to help extend user identities to these other facets of technology.

Active Directory Extensions

In an attempt to facilitate the transition to the cloud, Microsoft introduced Azure® Active Directory (Azure AD). With Azure AD, admins use the Azure cloud to support user access to Office 365 and Azure services, but this cloud extension still requires an on-prem connection to AD. Additionally, Azure AD struggles to support other types of systems, providers (e.g., AWS), and productivity platforms (e.g., G Suite).

With Azure AD, the total cost of ownership (TCO) includes the cost of AD, Azure AD, Azure AD Connect, Azure AD DS, and any other third-party services required to implement new systems beyond a Windows-based environment. There are also costs for multi-factor authentication (MFA) and governance capabilities. 

Identity Bridges

A number of third-party vendors created identity bridges so IT admins could manage non-Windows systems from Active Directory. These bridges were layered with AD to extend AD credentials to macOS and Linux systems. 

Traditionally, these identity bridges were located on-prem, which added work in terms of integration and cost. Coupled with the other IAM add-ons needed to shore up AD, IT admins struggled to accommodate their changing IT network.

Web Application Single Sign-On Solutions and MFA

Web application single sign-on (SSO) solutions bridge AD identities to web apps, while MFA solutions add extra security. In implementing more add-ons to bridge AD to the cloud, IT admins found that they were adding tremendous integration work and cost to the overall infrastructure, but they were able to keep the familiarity of the legacy, on-prem AD.

Each addition and add-on cemented the IT management infrastructure on-prem, causing organizations to stray from the cloud, rather than join it, in their attempt to integrate heterogeneous environments with a homogeneous directory service.

Finding an AD Bridge

IT admins struggle with managing such a complex identity and access management infrastructure. And while AD may live on-prem, a cloud-based directory extension technology that could cover all of these various needs in one solution, from SSO to PAM to user and system management for cloud infrastructure, macOS, and Linux, would effectively maximize the ROI of AD. JumpCloud’s AD Integration makes it easy to extend your AD-managed identities to authenticate with non-Windows applications and systems not supported by AD directly.

JumpCloud makes it simple to synchronize your desired users and groups managed in AD, and to gain control over networks, systems, servers, and applications not directly linked to AD. Active Directory can remain as your master authority, with JumpCloud serving as the bridge connecting AD to the cloud.  

Directory-as-a-Service: Cloud Alternative to Active Directory

JumpCloud Directory-as-a-Service is a comprehensive IAM platform designed for modern IT networks. This hosted directory service enables IT admins to seamlessly connect users to IT resources, regardless of platform, provider, protocol, or location. In other words, IT admins can leverage the JumpCloud platform to manage user access to systems (e.g., Windows, Mac, Linux), on-prem applications (e.g., Docker, Jenkins), on-prem and cloud storage (Samba, Dropbox, Box), cloud applications (Salesforce, Zendesk), cloud productivity platforms (G Suite, Office 365), infrastructure-as-a-service solutions (AWS, GCP), networks via RADIUS (wired & WiFi), and more.

Ready to get started? Check out the following video to learn how to export users from Active Directory and import them into the JumpCloud administrative console.

Learn More About the Cloud Alternative to Active Directory

Contact the JumpCloud team for more information about the cloud alternative to Active Directory, otherwise known as Directory-as-a-Service. You can also sign up today and explore the full functionality of our hosted identity management platform at no cost. Your first ten users are free forever.

Jon Griffin

Jon Griffin works as a writer for JumpCloud, an organization focused on bringing centralized IT to the modern organization. He graduated with a degree in Professional and Technical Writing from the University of Colorado Colorado Springs, and is an avid learner of new technology from cloud-based innovations to VR and more.
