Cloud Directory Replacement

By Vince Lujan Posted June 19, 2018

Cloud Directory Replacement

Most IT admins will tell you that implementing a cloud directory replacement for traditional, on-prem identity providers, such as Microsoft® Active Directory® (AD), makes a lot of sense. The challenge is that AD is so entrenched in so many IT organizations that the thought of shifting to a cloud directory alternative can seem daunting. Yet, as the IT landscape continues to shift and evolve, legacy approaches to identity management are breaking down. Why? Let’s take a trip down memory lane to find out.

Traditional Directory Services

Replacing Active Directory in the cloud

The modern era of identity management kicked off in 1993, when Tim Howes and his colleagues at the University of Michigan invented the LDAP authentication protocol. This innovation would inspire a new generation of identity management solutions, namely, OpenLDAP and Active Directory. Both of these solutions would go on to become market leaders in the directory services market. Active Directory, would ultimately become the on-prem market leader, primarily because IT environments were essentially all Windows-based and on-prem in the late 1990s when AD (and OpenLDAP) was introduced.

Challenges with Traditional Directory Services

Active Directory fails in the cloud

As the IT environment started to move away from Windows-based systems and applications in the mid-2000s, a number of identity management challenges emerged. These challenges included the inability to control non-Windows IT resources with AD, maintaining security in hybrid or cloud environments, and a market-wide shift away from on-prem infrastructure altogether.

The key drivers behind these challenges were innovative IT solutions such as AWS® cloud infrastructure, G Suite and Office 365 productivity suites, Mac® and Linux® systems, web applications such as Slack®, Github®, Salesforce®, and more. Solutions such as these offered numerous advantages compared to traditional, on-prem alternatives, such as decreasing costs while increasing efficiency. However, one consequence was that traditional directory services solutions struggled with non-Windows resources and those that weren’t on-prem, since a direct connection was required.

Of course, there are third-party solutions available, such as web application single sign-on, identity bridges, privileged identity management, and more, which can be layered on top of Active Directory. Their purpose is to extend AD identities to non-Windows and cloud-based IT resources, thus, mitigating many of the challenges with connecting to the IT resources previously mentioned and many others. In doing so, IT organizations can effectively manage all of the IT resources in their environment.

The issue with this approach, however, is that it adds significant complexity and cost because it requires implementing and maintaining multiple solutions. Further, many of these add-on solutions still require AD on-prem, and they generally only support a small subset of an organization’s overall IT network. IT admins have basically been stuck with this approach for many years now because there really hasn’t been much of a choice. Fortunately, it was these challenges that led to the idea of a cloud directory replacement for the legacy, on-prem, Active Directory approach.

Directory Services in the Cloud

JumpCloud directory-as-a-service

Known as JumpCloud® Directory-as-a-Service®, this modern IDaaS (Identity-as-a-Service) solution securely manages and connects user identities to the IT resources they need, including systems, applications, files, and networks. As a completely cloud-based directory, IT organizations can also eliminate their entire on-prem identity management infrastructure, including AD and all of their third-party add-ons, in favor of a single solution that can provide centralized IAM capabilities for all of their IT resources without anything required on-prem. Further, because JumpCloud has taken a cross-platform, protocol-driven, and vendor-neutral approach, you can rest assured that Directory-as-a-Service will scale with your organization for years to come.

Learn More About Cloud Directory Replacement

If you are still unsure about whether or not the JumpCloud Directory-as-a-Service platform can serve as a cloud directory replacement for Active Directory and LDAP, drop us a note or check out the following whiteboard presentation for more information. You can also sign up for a free account to check out the full functionality of our platform for free. We even offer 10 free users (free forever) to help you get started.  

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.

Recent Posts