Implementing Cloud-based LDAP

By Zach DeMeyer Posted November 8, 2018

Mere decades ago, the list of industries affected by clouds was slim: meteorology, landscaping, and golf courses, to name a few. Now, almost everything is influenced by a different sort of cloud: the cloud. The IT industry especially has been revolutionized by the ability to offload data storage, applications, and more to the cloud. There are, however, still a number of IT resources that require on-prem implementation, and subsequently need LDAP authentication to access. This requirement has left IT admins wondering about implementing cloud-based LDAP, and whether it is even a possibility.

What is LDAP?

One of the most widely implemented authentication protocols in IT history, LDAP kicked off the modern age of identity management. LDAP stands for the Lightweight Directory Access Protocol, and was created by JumpCloud® advisor and friend, Tim Howes, and his colleagues at the University of Michigan. The protocol was originally created to act as a directory authentication tool, and has since been implemented in IT’s most popular directory services, namely OpenLDAP™ and Microsoft® Active Directory®.

After its inception, LDAP became integral to IT due to its ability to connect identities to the on-prem resources that users required. This usefulness still remains today, but has waned due to the onset of the cloud. The beginnings of cloud-based IT started with applications like Salesforce and others, but soon, more and more day-to-day resources were being leveraged from the various corners of the internet. LDAP, being designed for a pre-cloud, on-prem environment, was unable to bridge the gap between an organization’s physical servers and their remote cloud counterparts.

Cloud Identity and Access Management Today

For web applications like Slack, Dropbox™, or others, IT admins began to use a sort of LDAP alternative, Security Assertion Markup Language, or SAML, to federate user access. Organizations, however, still leveraged on-prem applications that required user identity authorization. This identity schism, if you will, fractured user identities, and demanded the use of multiple different solutions to manage a single identity. Understandably, this created both a sharp uptick in work for sysadmins, as well as an increase in budget toll and ensuing headaches to boot.

Further, as more technical IT resources in the cloud and on-prem support LDAP—e.g. Docker, Kubernetes, OpenVPN, Jira, and others—instantiating identities in LDAP is critical. The problem is that IT admins don’t want to just expose identities via the LDAP protocol. IT organizations also need an identity provider that can be multi-protocol.

Implementing Cloud-based LDAP

Thus, implementing cloud-based LDAP instances would solve some major pain points for IT organizations. By unifying identities in the cloud, users are granted a greater freedom of choice when it comes to the resources they leverage. The cloud also opens up options regarding enabling enterprise scalability and remote work, which promote both growth and efficiency. In general, implementing cloud-based LDAP would benefit businesses from the top down.

Thankfully, a solution exists that can manage serverless LDAP instances from the cloud. This LDAP-as-a-Service takes the work required to install and maintain an on-prem LDAP server or Active Directory instance off the shoulders of IT admins. And, by leveraging identities existing in a cloud directory service, user identities are centralized and unified under one set of credentials. The solution is called JumpCloud Directory-as-a-Service®.

Cloud LDAP from Directory-as-a-Service®

Implementing cloud-based LDAP is a breeze with Directory-as-a-Service. Usable as both a full-fledged cloud directory or solely as LDAP-as-a-Service, JumpCloud Directory-as-a-Service authorizes user access regardless of their choice of system, application, network, and more. With a remotely accessible admin console, JumpCloud allows LDAP authentication from anywhere, to anywhere. JumpCloud even integrates with Google Cloud™ or Office 365™ accounts to Make Work Happen® for any size organization. To learn more about the DaaS product and implementing cloud-based LDAP with JumpCloud, you can schedule a demo of the full suite. You can also check out our blog or YouTube channel for more information, or contact us with questions. If JumpCloud seems like the solution for you, consider signing up for Directory-as-a-Service. Your JumpCloud account is completely free, always includes ten free users for your organization, and doesn’t require a credit card.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.
