By Greg Keller Posted May 11, 2017
Managing Windows desktop (and laptop) authentication has been the domain of Microsoft Active Directory® for almost two decades now.
When AD was introduced, the directory was a brilliant way to manage user access to Windows machines, applications, and networks. 20 years later, though, the world has changed, and a new generation of identity and access management (IAM) solutions is taking over the marketplace. The cloud identity management function for Windows desktop authentication is being handled by a new and innovative solution, Directory-as-a-Service® (DaaS).
The Microsoft Based Enterprise
Two decades ago, Microsoft Windows was the dominant operating system platform on the market. With a virtual monopoly, Microsoft set out to tighten their lock on their enterprise IT customers.
Active Directory was a major part of this lock-in strategy. Using AD, an IT admin could more easily manage user access and the Windows system itself. Additionally, if the applications and network were all based on Windows, the user access would extend to those resources as well. IT could simply add the user to Active Directory, and to the appropriate group, and the user would then be granted access to all of the IT resources that they needed access to. Similarly, when the user left the company, account access could be easily deprovisioned.
Modifications were centralized in AD, and even the management of device settings and parameters like password complexity, network file share access, screen saver lock, and more could be managed.
Enterprise Moves on from Active Directory
The Active Directory process and platform worked incredibly well. So well that AD arguably has more market share than any other Microsoft product.
Unfortunately for Microsoft, though, the IT landscape started to change. The cloud emerged as an important innovation, with Infrastructure-as-a-Service (IaaS) and web applications being delivered remotely instead of the on-prem solutions we were used to. Apple, Mac, and Linux platforms started to grow in popularity. WiFi started to take over from wired networks. With the browser being the one necessary application, and being cross-platform, the need for Windows devices started to decrease. All of these changes impacted how Active Directory worked inside of the IT network.
While Windows devices are still popular, they are nowhere near as popular as they once were. Today, only one in five devices in the office is Windows (Forbes). Mac, Linux, and mobile devices have started to take over, and they are not slowing down. As a result, AD has become much less interesting to IT admins. However, admins do still have Windows devices, so the challenge becomes “How do I replace Active Directory without losing the ability to authenticate Windows devices?”
A New Directory for a New Environment
The answer to that question is a new generation of cloud identity management platform, called Directory-as-a-Service. This innovative directory is making the leap to the cloud, and to a cross-platform device environment. Now, not only can IT admins authenticate the Windows machines they still have, they can also combine that with Mac and Linux authentication, all from one central identity management solution.
IT no longer needs one identity management platform, plus an access control solution for Windows, plus additional solutions for Mac and Linux devices. With Directory-as-a-Service, Windows applications and servers can be authenticated from the cloud directory service. Similar to AD, the Identity-as-a-Service platform can also execute commands and tasks across groups of Windows machines. Microsoft calls these GPOs; Directory-as-a-Service uses a similar concept, but ensures that it works across Mac and Linux devices as well as Windows.
Identity Management for Windows Desktop Authentication
If you would like to learn more about how the cloud identity management function for Windows desktop authentication can support your move to the cloud, drop us a note. Or, sign up for a free account of our cloud directory service and check out how to authorize your mixed-platform environment. Your first 10 users are free forever.