By Rajat Bhargava Posted April 26, 2017
LDAP as a protocol has been around for about 25 years, and OpenLDAP™, the most popular open source platform, for about 20 years. With these foundational elements in place for so long, it can feel like they are dated and not super relevant for today’s IT environment. This can be especially true of modern IT landscapes that utilize the cloud. This post discusses the future of LDAP, and whether LDAP-as-a-Service is the next generation of OpenLDAP.
LDAP was created by our advisor, Tim Howes, and his colleagues at the University of Michigan. OpenLDAP was created there as well, by Kurt Zeilenga, and was an excellent directory services choice at the time for Unix-based platforms. As time went on, OpenLDAP evolved into being an important tool for managing Linux servers, especially as Linux became the primary *nix platform.
Managing Multiple Directories
But, as the IT landscape evolved, OpenLDAP was relegated to a very specific use case. In the early 2000s, Windows was the primary operating system platform in use, and as a result most IT organizations implemented Microsoft Active Directory® as their identity management platform of choice. Often the data center or server infrastructure would have Linux or other Unix platforms, but those would need to be managed by a second directory service like OpenLDAP. Because the tools for connecting OpenLDAP and AD were so brittle, most organizations just managed separate directories. This, of course, was painful and added stress to the IT environment.
As the data center infrastructure morphed into Infrastructure-as-a-Service, things got much more interesting. Now, the server infrastructure was located in the cloud, was Linux-based, and was often scaled to a significant size. As companies hired more technical employees, management of two separate directories became less secure, more inefficient, and frustrating to end users. As a result, many IT admins started to wonder about a better way to do identity management in the cloud era.
Moving to One Unified IT Directory
Cloud identity management matured with Directory-as-a-Service® (DaaS), a central user management platform across the IT environment. As a SaaS directory service, Directory-as-a-Service is a reimagination of LDAP and Active Directory. The Identity-as-a-Service (IDaaS) platform integrates centralized user management, LDAP-as-a-Service, cloud RADIUS, system management for Windows, Mac, and Linux devices, multi-factor authentication, True Single Sign-On™, and much more onto one easy-to-manage platform.
By merging all of these tools together, DaaS allows one identity to be used for LDAP authentication as well as connecting to web services like G Suite or Office 365. Linux servers at AWS are authenticated as cleanly as Mac systems on-prem, without multiple directory services. You can also leave the separate-directory hassle behind and maintain only one central cloud directory service for the entire IT infrastructure. Lastly, with our cloud-hosted LDAP there is no need to implement LDAP yourself or even connect LDAP to AD. LDAP functions are taken care of for you – simply point your LDAP-based application to the cloud LDAP service.
The Future of LDAP: LDAP-as-a-Service
If you would like to learn more about the future of LDAP and why LDAP-as-a-Service is the next step, drop us a note. You can also check out our online LDAP service for yourself. Sign up for a free account. Your first 10 users are free forever.