IDaaS And Linux Authentication

By Greg Keller. Posted January 18, 2017

As more IT organizations move to cloud applications and infrastructure, there is a great deal of discussion within these organizations about the best ways to leverage IDaaS and Linux authentication.

In fact, the discussion is really about how to move from Microsoft Active Directory® and OpenLDAP, which are legacy, on-prem directory services, to modern Identity-as-a-Service platforms.

The challenge is that, historically, most cloud identity management solutions have just been web application single sign-on solutions. They have not been able to authenticate Linux (or macOS or Windows) systems. As a result, IT admins have been left with a gap in how to completely shift their identity management to the cloud.

Two Decades, Two Directory Services Solutions

Over the last two decades, two major directory services solutions have emerged. Microsoft Active Directory is the commercial market-share leader among on-prem identity providers. OpenLDAP has been the open source solution of choice.

Both of these solutions have been developed over the years for on-prem networks. AD has struggled with connecting to and managing Linux systems. OpenLDAP was designed for Linux and other more technical platforms and, as a result, works well with them.

Of course, the challenge here is that many organizations now need both AD and LDAP in order to cover a great deal of their IT infrastructure. In addition, they then layer on web application SSO solutions for their cloud apps.

Overall, this approach is untenable. IT organizations are shifting to the cloud with G Suite and Microsoft Office 365. These platforms are replacing Microsoft Exchange and Windows file server. Yet IT admins have not been able to eliminate Active Directory or OpenLDAP until now.

Now, There Is One Directory To Rule Them All®

IDaaS platforms previously were just web application SSO platforms. Now, Directory-as-a-Service® is an encompassing cloud identity provider securely managing and connecting user identities to systems (Windows, Mac, and Linux), cloud and on-prem applications, and networks. The Directory-as-a-Service platform provides centralized user management, hosted LDAP, cloud RADIUS, device management, multi-factor authentication, and True Single Sign-On. This approach to IDaaS eliminates the need for three different solutions: Active Directory, OpenLDAP, and web application SSO.

Linux authentication is handled natively via a lightweight agent installed on each Linux instance. Linux devices can be hosted on-prem, in the cloud (e.g. AWS), or elsewhere. IT admins have full central control over access rights and permissions. Linux devices can also be managed via command and script execution capabilities similar in concept to Microsoft Active Directory Group Policy Objects (GPOs). In short, Directory-as-a-Service can manage user access and the device itself for Linux.

JumpCloud® is The Future Of IDaaS and Linux Authentication

If you would like to learn more about IDaaS and Linux authentication, drop us a note. We’d be happy to show you how our IDaaS platform can authenticate Linux devices as well as macOS and Windows devices. Or sign up for a free account and give it a try for yourself. Your first 10 users are free forever.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.
