By Greg Keller Posted November 11, 2014
Directory-as-a-Service® (DaaS) has been getting a lot of attention lately. With the promise to shift directory services to the cloud, IT admins are increasingly interested in the value that cloud-based directory services can provide. But, as with most emerging technologies, some IT admins are unsure on how to get started with this innovative Identity-as-a-Service platform.
IT admins have long voiced a desire to outsource directory services (whether they are LDAP or Active Directory focused), and wanting to reduce the amount of time spent managing their identity provider, connecting their users to their cloud servers, managing Macs, providing True Single Sign-On™, WiFi authentication, and more.
But what’s the first step? The first step is to examine your current directory services environment. Most companies fall into one of three categories:
- They have an existing LDAP and want to move to the cloud
- They have an existing Microsoft Active Directory and want to move AD to the cloud
- They have no directory in place, yet
Depending on your situation, there are a few different approaches on how to get to get started with Directory-as-a-Service:
1—You Have an Existing LDAP
For organizations that already have OpenLDAP, the easiest way to get started is to take your existing OpenLDAP structure and just shift it to the cloud. When you shift your authentication to our cloud-based OpenLDAP server or hosted LDAP service, your existing users can be imported into JumpCloud so that your directory is up and running quickly. The benefits? No more LDAP management – it’s SaaS-based LDAP! And, better than that, you can connect all of your LDAP-based applications to your hosted LDAP solution.
2—You Have an Existing Active Directory
If you have AD already in place, don’t worry. You don’t need to rip out and fully replace AD to leverage the cloud-based solution (although, JumpCloud can easily serve as your Active Directory replacement). Instead, JumpCloud works with existing AD instances in a hybrid-solution.
Specifically, there are two areas where AD organizations can utilize JumpCloud: (1) to manage their cloud servers; or (2) to manage their Macs/Linux devices.
In most organizations that have AD, cloud servers and Mac devices are largely unmanaged or managed manually. But, there is really no reason that those should be treated differently than the Windows devices that AD manages. To get started with DaaS when you have AD, simply extend your AD out to JumpCloud through a bridge (agent that sits on your AD server). The bridge ensures that all users you specify are extended out to JumpCloud’s directory. From there, your cloud servers and Macs can auth against JumpCloud which is always in sync with your core directory. Further, you have the ability to manage those devices as well.
3—You Don’t Yet Have a Directory
It’s not uncommon for companies to not yet have a directory in place. Typically these are younger companies that were born in the “cloud generation,” or companies that haven’t yet hit a critical mass to demand a directory services system. For this subset of companies, getting started with a cloud-based directory like JumpCloud in this situation is straightforward. Many of these organizations are leveraging Google Apps, but without an identity provider.
A free JumpCloud account gives companies 10 free users. Organizations can set up their users in the console, and then control user access and manage the devices and the IT applications that those employees need to access. Access is controlled without an agent through OpenLDAP, or, an agent can be downloaded and installed on the Linux, Mac, or Windows device. Eventually, as the company grows, the company can add an unlimited number of devices through JumpCloud.
Whatever your situation, getting started and creating value from Directory-as-a-Service is quick and easy. You can sign-up for a free JumpCloud account here. If you have any questions around how to off-load your directory services while increasing the types and locations of devices / IT applications you to connect to your directory, please drop us a note.