By Zach DeMeyer Posted August 26, 2018
IT admins are the arbiters of control when it comes to user access to IT resources. Their main tool for doing so is the directory service, most often the legacy, on-prem Microsoft® Active Directory® (MAD or AD). For those who don’t know much about it, Active Directory is easy to misunderstand. Before we dive into the definition of Active Directory, however, it is best to first understand directory services as a whole.
What is a Directory Service?
The directory service is a tool used by IT admins to create and manage identities for their users, and then give those identities access to the resources they need to use. By leveraging identity and access management (IAM), namely a directory service, IT admins can improve security in their organizations, and ensure that work happens smoothly. It is a functionality that many employees often take for granted.
So, what is Active Directory® anyways?
Microsoft Active Directory is one such directory service, and one of the most widely used directory services in the world. Originating in 1999, Active Directory is based upon LDAP, the Lightweight Directory Access Protocol, as well as Kerberos and several proprietary protocols. In those days, AD was one of many Windows® software products used by the workforce, and since they were all under the Microsoft umbrella, AD easily linked users and their Windows-based resources.
IT started to evolve in the mid-2000s, however, and AD’s grip on the industry started to slip. Users started to use other platforms, such as Mac® and Linux®, while AD could really only dole out access to Windows users effectively. The advent of WiFi, laptops, and other network changes required organizations that used AD to implement big infrastructure changes, such as VPNs and RADIUS servers, which in turn cost IT enterprises a lot of time and money. As if those changes weren’t enough, IT began a shift to the cloud.
The idea of widespread use of resources via the Internet was appealing to software vendors. This mindset led to the development of Software-as-a-Service (SaaS) solutions. While many IT resources started to shift to the cloud with SaaS, AD was locked on-prem. Developers created single sign-on (SSO) solutions to bridge the gap between web-based SaaS apps and AD. As with VPNs, however, SSO platforms created another layer of cost and complexity for organizations leveraging Active Directory. Clearly, Active Directory struggles in the cloud era.
Redefining Active Directory for the Modern Era
JumpCloud® Directory-as-a-Service® (DaaS) is a reimagination of the definition of Active Directory for the modern era. JumpCloud challenges the directory service status quo with its ability to leverage directory services regardless of locale, platform, protocol, or provider. JumpCloud has no need for VPNs thanks to its built-in mutual TLS architecture. Unlike SSO solutions, Directory-as-a-Service can federate access to both web-based and on-prem applications. DaaS also provides identity security with multi-factor authentication (MFA), which can be used on Mac and Linux as well as to access the JumpCloud user and admin consoles.
Redefine Active Directory for your organization with JumpCloud Directory-as-a-Service by signing up for DaaS today. Not only is signing up free, but so are your first ten users. If you have any questions about DaaS, feel free to contact our support team. You can also check out our YouTube channel or Resource page to learn more via our ever-growing content library.