IDaaS and Hosted LDAP

By Rajat Bhargava Posted December 26, 2016

As IDaaS (Identity-as-a-Service) moves to the next level, there is a great deal of discussion about what functions should be included in IDaaS.

The first generation of IDaaS providers simply handled web application single sign-on. Back when IDaaS providers emerged, Microsoft Active Directory was the monopoly in the space. The result was that these cloud identity management solutions integrated with Active Directory as the identity provider. AD would federate identities to the IDaaS solution. This worked for the limited use case of web application SSO.

But IT organizations wanted more. They wanted an IDaaS and hosted LDAP solution. They wanted IDaaS to be their core, authoritative virtual identity provider across all of their users and IT resources.

Leveraging LDAP to Authenticate Users


LDAP is one of the most important authentication protocols. It was created by our technical advisory board member, Tim Howes, and his colleagues in the early 1990s. Since then, it has been leveraged in countless applications and has served as the basis for the OpenLDAP open source directory server. LDAP is a core protocol even today for how IT organizations centralize their user identities. Jira, MySQL, OpenVPN, and many other applications within an organization leverage LDAP as the protocol to authenticate users. Thus, a centralized identity provider that supports LDAP is critical for any IT organization.

Shifting from Legacy Directory Services


Historically, IT admins have solved this problem by connecting these applications to either Microsoft Active Directory or OpenLDAP. As these organizations move to the cloud, however, they no longer want to install, configure, and manage on-prem directory services. G Suite and Microsoft Office 365 have been catalysts to move to the cloud. IT admins are no longer managing Microsoft Exchange or Windows file server with the advent of GApps and O365. As a result, they are now shifting away from on-prem, legacy directory services (Active Directory or LDAP, for example). The challenge for IT admins, though, is that traditional IDaaS solutions don’t support hosted LDAP.

JumpCloud® is Delivering IDaaS and Hosted LDAP


A new generation of IDaaS platform is being created called Directory-as-a-Service®. This complete cloud directory service is a central user management system, hosted LDAP, cloud RADIUS, device management, True Single Sign-On, multi-factor authentication, and more.

In this particular use case, the cloud identity provider serves as a hosted LDAP solution. OpenLDAP is set up and hosted in the cloud by the IDaaS provider. IT organizations simply point their IT applications that support LDAP to the virtual LDAP server. The identities used in the LDAP server can also be those leveraged for systems, cloud applications, and networks.


If you would like to learn more about IDaaS and hosted LDAP, drop us a note. We’d be happy to show you how to make a SaaS-based LDAP solution work in your environment. Sign up for a free account to give it a try. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.
