Cloud Server User Management



This is the first post in our four-part series on cloud server user management. Here’s a list of the others.

  1. Cloud Server User Management (you’re here!)
  2. 6 Ways to Manage Users on Cloud Servers
  3. Challenges of Connecting Directory Services to Cloud Computing
  4. Connecting Cloud Servers to your AD or LDAP Store

Organizations have traditionally leveraged Microsoft Active Directory® (AD) or the Lightweight Directory Access Protocol (LDAP) solution OpenLDAP to manage access to their on-premises server infrastructure. LDAP and AD manage things like who has access to what within the organization, and they serve as the organization’s core identity provider.

In recent years, cloud Infrastructure-as-a-Service (IaaS) has come to play an important role in IT. An increasing number of businesses have replaced antiquated hardware with remote, cloud-based solutions for corporate infrastructure. This shift affects the dynamics of managing user access control. Servers, which used to exist on premises in data centers, are being replaced with web-based hosting services like Amazon Web Services (AWS), Google Compute Engine, Rackspace, SoftLayer or other cloud hosting providers.

How do organizations manage access to these cloud servers? How do they ensure that the servers remain secure and aligned with user access privileges? When their development and operations teams are all over the world and there is no ‘on-prem’ network, how do they secure access?

Cloud Server User Management Workarounds

Currently, IT admins use the following approaches to manage users on cloud servers:

  • Manual user management
  • Config automation (e.g. Chef/Puppet)
  • Expose AD/LDAP to the Internet
  • Secondary AD/LDAP user store
  • Enterprise Identity and Access Management solution

In a separate post, we dig into each one of these potential options, highlighting the benefits and shortcomings of each approach. As you’ll see in the end, each of these options is sub-optimal for IT organizations. The real solution is implementing a cloud-based directory service, such as Directory-as-a-Service®, that integrates with an organization’s current setup. This Identity-as-a-Service is a game changer for organizations that are not bound by location, protocol, or platform.

Cloud servers are a core part of an organization’s IT infrastructure. Determining how to connect them to your user store is an important task. If JumpCloud’s cloud identity provider approach can help you think about this problem, please drop us a note. Or feel free to try our Identity-as-a-Service platform. Your first 10 users are free forever.

