IAM Capability: Mac® User Management

By Zach DeMeyer Posted March 10, 2019

Apple® has become the biggest company in the world. It’s honestly no surprise; the iPhone is everywhere, and there are more Macs® in the workplace than ever before. Given this fact, IT admins have to include managing Mac users as a part of their identity and access management (IAM) strategy. Some admins, however, are having difficulties incorporating Macs into their organizations. So, we will break down the IAM capability for Mac user management, and how it can be incorporated into an IT organization with one easy solution.

History of Mac User Management

IAM Before the Mac

Mac user management hasn’t always been a requirement for IT organizations. Early on in modern IT, the only operating system contender was Microsoft® Windows®. In order to manage entire fleets of Windows systems and their users, Microsoft introduced the identity provider, Active Directory® as a part of Windows Server® 2000. Using Active Directory (AD), admins had a database of their users and systems which they could control using constructs like group policy objects (GPOs) to manage their access privileges and more at scale. To bolster their user management capabilities, Microsoft also introduced SCCM (or ConfigMgr) to share the load with AD and provide enhanced system management functionality.

The Open Directory

When the Mac system started truly hitting the enterprise shortly after the turn of the millennium, IT admins were put in a real pickle. Since AD was designed solely for Windows-centric environments, there was no real tool available to manage these new systems and their users. Apple quickly filled this growing void with Open Directory, their amalgamated directory service that was akin to AD for Macs.

In terms of IAM capabilities, however, Open Directory never took off in comparison to Active Directory. Realizing this, as their consumer products continued to bloom in popularity, Apple has seemingly decided to focus less attention on Open Directory in favor of focusing on the iPod/iPhone and the Mac. Of course, this simply created an even larger vacuum in IT for a Mac user management tool.

Bridging the Gap

Third-party vendors have jumped on the vacancy for almost twenty years, producing AD add-on solutions called identity bridges that would establish connections between Mac systems/users and an AD instance. These identity bridges would eventually be delivered from the cloud in an as-a-service model, making them easier to leverage for IT admins. Despite this, the solutions still added considerable work and cost to an IT organization’s budget for Mac user management capabilities.

Cloud IAM Capability: Mac User Management

As more IT organizations moved their infrastructure to the cloud, on-prem IAM solutions like AD and Open Directory began to fall out of favor. Once again, IT admins were in a tricky situation. They could either begin adopting the innovations of the cloud, but operate without centralized IAM, or remain entrenched on-prem using Open Directory or AD with multiple identity bridges. What was an IT admin to do?

Thankfully, there is a cloud directory service taking the IAM industry by storm. It’s completely vendor-neutral, giving end users complete freedom of choice regarding their IT resources, including systems. With cross-platform GPO-like capabilities, simply called Policies, this solution has reimagined AD for the modern era. Called JumpCloud® Directory-as-a-Service®, the cloud directory service is the only centralized identity provider from the cloud that manages virtually all IT resources.

Manage Your Macs from the Cloud

While it may sound too good to be true, JumpCloud Directory-as-a-Service’s IAM capability for Mac user management is apparent. If you would like to see this capability for yourself, you can schedule a demo or try JumpCloud completely free. With ten users included forever, you can explore JumpCloud Mac user management, along with LDAP, SAML, RADIUS and more. Contact us today if you are interested, or have any questions.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts