By Greg Keller Posted April 8, 2015
As organizations grow, it becomes complicated to keep track of the level of access each individual user needs to which IT resources. At this point, companies begin looking for a directory such as Active Directory® to help authenticate, authorize, and manage their users and the IT resources they have access to. Below, we’ll cover why directory services are necessary and explain why you might want to reconsider implementing Active Directory.
Increasing IT Complexity
When a company starts, it is easy. There are just a few people and IT resources. Perhaps there is Google Apps (now known as G Suite), some laptops or desktops, and maybe a few applications. Technology companies may have a server or two at AWS or Google Compute Engine, but that ends up being the extent of the IT infrastructure.
Over time, as more people are added to the team and the business develops, there are more IT needs. More applications are added, including some developed internally. Maybe more types of infrastructure are needed, including wireless infrastructure. Around this point, an IT admin may be added and their job becomes to bring order to all this the chaos.
The Power of Directory Services
One of the best ways to add that structure is to use directory services. Effectively a directory service is a matrix of users and the IT resources that they can access. Directories also segment the level of access that the user has, which is an important refinement of access.
Organizations that hire a directory service gain more control over their IT infrastructure, because now there is a place to check and look to see who has access to what. This is especially important when terminating access for a user; the directory ensures that access is gone everywhere.
Conventional Directory Solutions
Organizations at this stage, have historically had two options: on-premises directories such as Microsoft Active Directory® or OpenLDAP™ . Both software applications have enjoyed widespread adoption over the last decade-and-a-half. Microsoft AD is often the choice for organizations that are predominantly Windows-based. OpenLDAP is popular with organizations that have more varied infrastructure such as Linux and Unix-based systems and applications.
An organization faces a dilemma when it is both heterogeneous and cloud-based. AD and LDAP both struggle when asked to manage a myriad of devices and applications located in different places. For example, cloud server infrastructure is difficult to connect back to an on-premises directory. Device management isn’t possible with LDAP and with AD it’s only possible on Windows. The mass migration of organizations to Google Apps in the cloud doesn’t match well with placing a directory on-premises.
Bringing Directories to the Cloud
A new generation of technology is available for these situations. Directory-as-a-Service® (DaaS) is a cloud-based directory service taking on the challenge of connecting users to all of the types of IT resources they need. These resources can span a wide variety of device and application types and can be located in the cloud or on-premises. The beauty of DaaS is the unification of all of an organization’s resources users, devices, and applications in one spot. IT admins can finally manage access with central control.
For organizations considering Active Directory or OpenLDAP, check out Directory-as-a-Service. It may be an easier, more comprehensive solution for companies that are leveraging a multitude of platforms on the cloud. You can sign-up and get your first 10 users free forever. Alternatively, if you have any questions on directories, whether it’s AD, LDAP, or DaaS, feel free to contact us. We would be happy to discuss what the best solution for you is.