By Ryan Squires Posted December 10, 2018
Many IT organizations are looking to shift their core identity provider (IdP) to the cloud. And that desire to move to the cloud has caused a lot of them to look at the leading cloud directory service, Directory-as-a-Service® (DaaS). There are a number of ways that IT admins can leverage the cloud-based directory for their internal use, as well as manage the directory itself. In this blog post, we discuss Directory-as-a-Service administration with PowerShell.
Before we dive into the functions that can be controlled from PowerShell for the cloud directory, we should take a step back and provide a little bit of background for both. Directory-as-a-Service represents the next generation of cloud directory services. It securely manages and connects users to their IT resources including systems, applications, files, and networks. IT admins can think of the Identity-as-a-Service (IDaaS) platform as a replacement for Microsoft® Active Directory® (MAD or AD) and OpenLDAP™. As a SaaS-based identity provider, IT organizations can manage the IAM platform in three ways: via the web-based console, REST APIs, and PowerShell. This last method of Directory-as-a-Service administration is highly interesting to IT admins who are looking to automate their administration with PowerShell skills that they already possess.
Microsoft introduced PowerShell in 2006. As a Microsoft tool, it was originally only intended for Windows® systems. So, what does it do? PowerShell is a command line task automation framework. The goal of PowerShell is for independent software vendors (ISVs) and IT admins to be able to automate tasks without having to write at the API layer or manually script functions. PowerShell was later expanded to include Mac® and Linux® systems, meaning that IT admins could administer functions on systems or applications from whichever platform, for whichever platform. IT admins should think of PowerShell as a middleware framework that can drive significant automation across applications, systems, and environments. If you want to see how JumpCloud customers have implemented PowerShell, check out our Priority One case study.
Directory-as-a-Service Administration with PowerShell
As it relates back to Directory-as-a-Service, JumpCloud has created a PowerShell module that can be downloaded and used by IT admins to manage the cloud directory service (download it here on GitHub). Noting the comment in the previous section, the identity provider administration can be done from the IT admin’s Windows, macOS®, or Linux system. The JumpCloud PowerShell module is able to control virtually any function from where there is an API. So, tasks such as adding, deleting, and modifying users, groups, and access can all be done from the JumpCloud PowerShell module. Further, tedious tasks such as unlocking users and resetting passwords can be easily performed via the PowerShell module as well. In fact, virtually any task that can be done via the JumpCloud API is available from the module for automation.
All told, many IT admins prefer to automate their tasks via PowerShell because some tasks are simply too large/difficult to utilize a GUI for. And for those IT admins, the JumpCloud PowerShell module can be a great time saver. But, PowerShell isn’t the only way that IT admins can save time with Directory-as-a-Service. Directory-as-a-Service allows users to self-service their own password resets via the JumpCloud self-service portal or via the System App for Mac endpoints. Or, you can securely automate SSH key management. Additionally, getting down to its most basic, when you utilize a cloud directory, no longer do you need to configure, maintain, or secure on-prem servers. These are just a few ways JumpCloud can increase your productivity.
Learn More About JumpCloud
The ability to automate is a major reason for leveraging Directory-as-a-Service administration with PowerShell. Not only does it save time, but it also allows you to move your organization to the cloud. If you’re ready to see how JumpCloud can help you, sign up for a free account today. With a free account you can manage up to 10 users for free, no credit card required. Once you’ve signed up, be sure to check out our Knowledge Base, blog, and YouTube channel for more information about how you can maximize the value of your account.