By Jon Griffin Posted October 31, 2017
IDaaS, otherwise known as Identity-as-a-Service, is one of the hottest categories in the identity and access management market. With all of that activity, it also means that the IDaaS space has been in a state of constant transformation. IDaaS used to essentially translate into web application single sign-on. Today, though, modern IDaaS platforms have evolved to be core identity providers for organizations. In order to achieve this more advanced goal, an IDaaS provider must be capable of connecting users to a wide gamut of IT resources. One example that we want to explore on this page is the IDaaS capability to support Samba file servers.
Identity Management of the Past
Let’s step back and give you some background on the identity management space. It really kicked off with the advent of LDAP by Tim Howes and his colleagues. That, of course, spawned two major identity management solutions, OpenLDAP™ and Microsoft Active Directory®.
For many years, these platforms were the core of an organization’s identity management infrastructure. However, as mentioned, recently the IT landscape started to change, such as with web applications. Now, there are many cloud based applications and storage systems, and they are not easy for conventional, on-prem identity management infrastructure to manage. Of course, a generation of web application single sign-on providers emerged to help address this problem. They integrated with Active Directory and extended those identities to web applications. Essentially, these first generation IDaaS providers were just web application SSO platforms from the cloud. They relied on AD to be the identity provider.
Cloud or On-Prem File Storage?
As the world moved to different IT platforms, there was a tension around storage. While some cloud storage options such as Google Drive, Dropbox, and Box started to become popular, the challenge that arose was that not all data could easily live and be manipulated in the cloud. Larger files that required significant bandwidth to go back and forth were really better off being on-prem. Additionally, regulatory requirements sometimes forced select organizations to keep data on-prem as well. Because of these challenges, Samba file servers and NAS (network attached storage) devices have continued to remain popular despite a massive shift to the cloud.
Unfortunately, as IT organizations shifted to first generation IDaaS solutions, the concept of managing access to Samba file servers and NAS devices wasn’t really a part of the conversation. However, as IT organizations start to eliminate Active Directory and shift to Directory-as-a-Service®, the idea of cloud authentication for on-prem Samba file servers starts to become an interesting possibility.
IDaaS that Supports Samba File Servers
Instead of an IDaaS platform just connecting to web applications, a new generation of Identity-as-a-Service is acting as a cloud-based, core identity provider – just as Microsoft Active Directory or OpenLDAP have done in the past – and that includes Samba file server authentication.
This cloud-based directory is allowing IT organizations to securely connect their users to a variety of systems (Mac, Windows, Linux), cloud and on-prem applications (through LDAP and SAML), remote servers (AWS, GCE), storage, and more. The relevant functionality here is connecting users to on-prem storage, using the same identity they use for the rest of their services. This means that a user can take, for example, their existing G Suite/O365 account, and use that to authenticate into their on-prem storage. One seamless process for the end-user and IT admins.
Our own Directory-as-a-Service® platform is leading the charge on this important advancement in what it means to be an IDaaS solution.
JumpCloud Capability: Samba File Servers Authentication
If you would like to learn more about the IDaaS capability to support Samba file servers, drop us a note. We would be happy to answer any questions you might have, and explain how the Directory-as-a-Service platform works. Alternatively, if you would like to test it out for yourself, sign up for a free account. Your first 10 users are free forever, so there’s no reason not to give it a shot. You can test out the platform in your environment, and make sure it works for you.