
Identity management and LDAP

LDAP (Lightweight Directory Access Protocol) has been a mainstay in the IT industry because it serves as a great tool for authenticating and authorizing users via credentials like usernames and passwords. But on-prem LDAP implementations remain difficult to configure and manage. Plus, they take up valuable real estate in the office. Now, a new generation of identity management capability, called cloud LDAP, is emerging to make using LDAP easier than ever.

Brief LDAP History


The LDAP protocol was created by our friend and advisor, Tim Howes, and his colleagues at the University of Michigan in the early 90s. Mr. Howes sought a lightweight alternative to DAP (directory access protocol)—the tool originally created for accessing the directory services protocol X.500. X.500 was one of the first directories out there, and DAP allowed users to Bind, Read, List, Search, Compare, Modify, Add, Delete, and ModifyRDN the contents of the directory. But, DAP was troublesome because of its considerable overhead and bandwidth-intensive nature.

So, Howes and his team saw an opportunity to create a lightweight version of DAP that could execute the same functions from less powerful systems while utilizing less bandwidth. From this we got LDAP. It could perform the functions of DAP from lesser systems (read: early 1990s PCs) because LDAP was a limited subset of X.500’s DAP standards. Its efficiency would allow it to become the internet standard for directory services in 1997. From this success, LDAP would go on to become a launchpad for a wide range of identity management solutions and authentication protocols. Identity management solutions such as Microsoft® Active Directory and OpenLDAP (which we will talk about below) as well as protocols like SAML, OAuth, and OpenID all trace their roots back to LDAP and Tim Howes.


Identity Management with OpenLDAP

Historically, the challenge with LDAP has been the difficult implementation of OpenLDAP (LDAP’s most popular open source iteration) and the integration between a system or application and the LDAP server itself. As a result, IT admins have to spend a tremendous amount of time working through implementation, configuration, and maintenance of the OpenLDAP infrastructure within their organization. Given the cloud-leaning IT environment that many IT pros find themselves in right now, many are probably wondering if there is a Software-as-a-Service (SaaS) implementation that can provide the strong, legacy authentication and authorization of LDAP without the headache of setting up, configuring, and maintaining an on-prem OpenLDAP implementation.

CloudLDAP Identity Management Capabilities


The good news is, yes, there is a modern approach to LDAP, and it’s available from a cloud identity management solution called JumpCloud® Directory-as-a-Service®. No longer do IT admins need to implement, configure, or maintain an LDAP server in order to reap its benefits. Now, LDAP functionality is available from a web-based console, and it can be used to authenticate and authorize access to Jira®, Jenkins, OpenVPN, and many others from anywhere there is a network connection. That means there are no servers to maintain and you only pay for what you need. In fact, you can purchase a cloud-based service for just LDAP on our pricing page under “one protocol pricing.”

Further, JumpCloud Directory-as-a-Service allows for True Single Sign-On, which can give users the ability to log in to their systems (Windows®, Mac®, and Linux®), wired and WiFi connections via RADIUS, cloud infrastructure (AWS®, Azure®, and GCP), on-prem and off-prem file servers (Samba, NAS devices, and Box), productivity platforms (G Suite and Office 365), and of course legacy LDAP applications with a single set of credentials. No more juggling multiple usernames and passwords for individual users. That can be unsafe if the passwords are reused across multiple services. Should one password get found out, then multiple services are at risk. It’s much safer to have one secure identity.

Learn More About Cloud LDAP from JumpCloud

If you want to learn more about how cloud LDAP, as an identity management capability, can help to simplify your life, please do not hesitate to drop us a line. If you’re ready to get your feet wet, sign up today and manage 10 users free, forever. If you’re interested in informative whiteboard videos that break down key JumpCloud features, tutorials, or best practices, visit our YouTube page.
