By Rajat Bhargava Posted December 26, 2016
As IDaaS (Identity-as-a-Service) moves to the next level, there is a great deal of discussion about what functions should be included in IDaaS.
The first generation of IDaaS providers handled only web application single sign-on. When IDaaS providers emerged, Microsoft Active Directory held a monopoly in the space. As a result, these cloud identity management solutions integrated with Active Directory as the identity provider, and AD would federate identities to the IDaaS solution. This worked for the limited use case of web application SSO,
Leveraging LDAP to Authenticate Users
LDAP is one of the most important authentication protocols. It was created by our technical advisory board member, Tim Howes, and his colleagues in the early 1990s. Since then, it has been leveraged in countless applications and has served as the basis for the OpenLDAP open source directory server. LDAP is a core protocol even today for how IT organizations centralize their user identities. Jira, MySQL, OpenVPN, and many other applications within an organization leverage LDAP as the protocol to authenticate users. Thus, a centralized identity provider that supports LDAP is critical for any IT organization.
Shifting from Legacy Directory Services
Historically, IT admins have solved this problem by connecting these applications to either Microsoft Active Directory or OpenLDAP. As these organizations move to the cloud, however, they no longer want to install, configure, and manage on-prem directory services. G Suite and Microsoft Office 365 have been catalysts for the move to the cloud. With the advent of GApps and O365, IT admins are no longer managing Microsoft Exchange or Windows file servers. As a result, they are now shifting away from on-prem, legacy directory services such as Active Directory or LDAP. The challenge for IT admins, though, is that traditional IDaaS solutions don’t support hosted LDAP.
JumpCloud® is Delivering IDaaS and Hosted LDAP
A new generation of IDaaS platform, called Directory-as-a-Service®, is being created. This complete cloud directory service combines a central user management system, hosted LDAP, cloud RADIUS, device management, True Single Sign-On™, multi-factor authentication, and more.
In this particular use case, the cloud identity provider serves as a hosted LDAP solution. OpenLDAP is set up and hosted in the cloud by the IDaaS provider. IT organizations simply point their IT applications that support LDAP to the virtual LDAP server. The identities used in the LDAP server can also be those leveraged for systems, cloud applications, and networks.
If you would like to learn more about IDaaS and hosted LDAP, drop us a note. We’d be happy to show you how to make a SaaS-based LDAP solution work in your environment. Sign up for a free account to give it a try. Your first 10 users are free forever.