By Rajat Bhargava Posted September 10, 2015
Management of directory services can be painful.
It’s not that managing an individual directory is difficult; an individual directory can be quite straightforward. It’s when you add in all of the IT resources an organization has to manage that it becomes quite difficult.
Let’s step back and define what a directory is. We are using the term directory very loosely here. A directory service could be one of the traditional, on-premises directories that many IT admins are familiar with (such as Microsoft Active Directory and OpenLDAP).
The Proliferation of “Mini” Directories
Another way to think of a directory is as the “directory” on an IT resource. These resources could be a server, SaaS application, or an on-premises application. Every IT resource can have a user store that controls who has access to it. While many people may not think of that as a directory, that is what it is. Unfortunately for many IT admins, there are many of these ‘mini’ directories all over an IT organization.
The issue then becomes how do IT admins bring these various disparate directories together into one centralized, authoritative user store? From a directory services management perspective, centralizing the directory is critical.
Risks / Challenges with Multiple Directories
With multiple “mini” directories, an IT admin won’t have the control or visibility over IT resources that they don’t see or have access to. As a result, the users on those IT resources become unmanaged. This is a key reason why Shadow IT can be so dangerous. Even if that IT admin does have visibility over the IT resource, sometimes they cannot manage the IT resource due to a mismatch in protocol support. That becomes an added burden.
Business is Moving Fast
In the modern office, an identity must be managed in multiple places. Users will need to have separate logins and will potentially have separate passwords, increasing user friction and potentially leading to weaker password choices.
IT resources in today’s, modern organization vary widely. There are on-premises devices such as traditional Windows machines. But, many organizations are leveraging Macs and Linux machines as well. Applications which were once on-premises and often LDAP capable are now being replaced by SaaS-based services that leverage SAML instead. Wireless networks are replacing wired and smart IT organizations are backing those wireless access points with RADIUS-based authentication. Cloud infrastructure such as AWS and Google Compute Engine is a mainstay for small and large organizations alike.
Unfortunately, IaaS often ends up being managed separately from a directory services perspective. Today’s IT admin is searching for ways to manage all of these IT resources through one directory services solution. What’s needed is a central identity store that connects users to whatever devices, applications, and networks they need to access.
The Solution is Directory Services
If you are interested in simplifying your directory services management, look at a cloud-based directory service delivered as-a-Service. It’s called Directory-as-a-Service and it’s provided by JumpCloud. Directory services management doesn’t need to be so painful. Drop us a note or give JumpCloud a try for free.