By Vince Lujan Posted July 25, 2019
IT admins know that Microsoft® Active Directory® (AD) has been a juggernaut in the identity and access management (IAM) category since the turn of the century. More recently, however, a new generation of cloud directory services platforms has been disrupting Microsoft’s monopoly in the legacy directory services space.
As a result, IT admins can break free of Microsoft’s lock-in strategy and shift the heavy lifting of implementing and maintaining their IAM infrastructure to the cloud. In doing so, they can enhance security and accessibility while simultaneously reducing cost and management overhead. Let’s take a closer look below.
An Explanation of Active Directory
Active Directory is a legacy directory services platform that was originally developed for on-prem networks of Windows®-based IT resources. An on-prem solution itself, AD comes bundled with the Windows Server® platform, Microsoft’s OS for enterprise server workloads.
Back when AD was introduced, IT networks were primarily on-prem and Windows-based, which is why AD quickly became a leader in the directory services space. Given the dominance of the Windows OS through the years, AD has remained the core identity provider (IdP) in most organizations since the turn of the century.
New IT Resources Emerge
However, as a wide variety of non-Windows and cloud-based IT resources came to market in the early 2000s (and on into the present), IT admins came to realize that these resources were difficult to manage with AD alone. Innovations such as macOS® and Linux® systems, web applications, infrastructure-as-a-service (IaaS), G Suite™, and even Office 365™ and Azure® were difficult to manage directly with traditional AD tooling.
Some of the most powerful functions of the AD platform also did not extend to non-Windows resources. For example, Group Policy Objects (GPOs) are templated commands and scripts that enable IT admins to remotely configure policies on large groups of Windows systems at once, and from one centralized location.
The challenge is that Microsoft never designed AD to support non-Windows platforms such as macOS and Linux on the same level as Windows systems. Consequently, powerful features like GPOs generally cannot be used for non-Windows systems and servers without the help of third-party tools.
In response, an entire generation of AD extension technologies emerged to bridge the gap between AD and non-Windows IT resources, both on-prem and in the cloud. Unfortunately, while effective, this approach meant that IT admins then required an array of third-party solutions and services to extend AD to newer innovations such as those previously mentioned.
IT Admins Lose Faith in AD
Essentially, the issue with the add-on approach is that modern IT admins don’t want to cobble together their IAM strategy with an aging IdP on-prem and a host of add-ons. While this approach may be viable for older organizations with more mature IAM implementations, in the cloud era, smaller cloud-forward organizations and startups especially would prefer not to maintain anything on-prem.
Unfortunately, it would appear that Microsoft is committed to maintaining the status quo. Even their new cloud-based Azure AD platform is not a viable alternative to AD, despite having AD in the name. Rather, it’s basically yet another add-on to the legacy AD setup, which further entrenches an organization on-prem, locking them in to Microsoft products.
A Change in the Guard
Fortunately, an alternative to legacy directory services has emerged from the cloud that shares neither this vendor lock-in strategy nor the Windows-centric focus. This Directory-as-a-Service®, available from JumpCloud®, is designed to be a highly flexible platform that adapts to your environment, not the other way around.
This is demonstrated by the fact that JumpCloud can integrate seamlessly with AD and Azure AD to extend Windows identities to a wider range of IT resources. It can also replace the legacy AD platform entirely. JumpCloud can then integrate with other directories such as LDAP, Office 365, G Suite, and more with the native functionality of the Directory-as-a-Service platform.
JumpCloud even offers functionality akin to AD GPOs for Windows. The key differences are that JumpCloud Policies are designed for cross-platform system environments (i.e., Windows, macOS, and Linux), and can be deployed to systems remotely without the help of additional third-party services.
Essentially, JumpCloud Directory-as-a-Service is Active Directory reimagined for the cloud. That is, a modern directory services platform that securely manages and connects users to virtually any IT resource, regardless of the platform, provider, protocol, or location.