LDAP Across Networks

By Vince Lujan Posted June 11, 2019

With IT networks becoming more decentralized and cloud services emerging, a common question is whether legacy IT solutions can function in a cloud-forward world. Specifically, is it possible to leverage LDAP across networks?

The Lightweight Directory Access Protocol (LDAP) has been a user authentication standard for over twenty years now. As a trusted authentication mechanism, IT admins want to know if what has traditionally been an on-prem implementation has any use cases in the cloud.

The good news is that it is possible to run LDAP across networks via LDAP-as-a-Service. Let’s take a closer look at LDAP and discuss a few benefits of the “as-a-Service” model.

LDAP in a Traditional Sense

LDAP came to be in the early 1990s as an on-prem network authentication protocol. Back then, LDAP had to be instantiated by client/server infrastructure that was usually hosted on-prem as well.

Common examples of popular LDAP servers include OpenLDAP™ and the 389 Directory by Red Hat. LDAP servers such as these worked well for more technical infrastructure, such as Linux®-based applications that were also hosted on-prem.

Applications that were often connected to LDAP servers included OpenVPN, Kubernetes, Jenkins, and many more. Yet the challenge with traditional implementations of LDAP has been similar to that of other open source solutions.

While enabling a great deal of flexibility for DevOps and IT personnel, LDAP can be challenging to implement and maintain. As traditional networks expanded to multiple locations, both in the cloud and on-prem, it became increasingly difficult to run LDAP across networks.

A specific example is that traditional applications usually had to be directly connected to the LDAP server, often by utilizing VPNs. As applications transitioned to the cloud, the usual approaches started to break down.

The Future of LDAP

While the efficacy of traditional LDAP solutions has been diminished in the modern era, the good news is that the future of the LDAP protocol is very bright indeed. A new generation of cloud LDAP solutions is emerging that makes it simple and easy to connect to virtually any LDAP-based client application, without having to deal with anything on-prem.

LDAP-as-a-Service, as it’s called, is essentially a reimagination of traditional LDAP implementations for the cloud era. No longer must IT admins implement a complicated, legacy solution or maintain client/server infrastructure on-prem.

Yet, perhaps the greatest advantage that a SaaS LDAP solution can provide is the ability to leverage LDAP across networks. Furthermore, there are no VPNs required and the virtual LDAP solution can work across the Internet safely.

LDAP-as-a-Service with JumpCloud

Cloud LDAP functionality is a core feature of the overall JumpCloud® Directory-as-a-Service® platform. JumpCloud offers a variety of secure protocols and mechanisms, including LDAP, SAML, RADIUS, SSH, REST, and more.

Expanding on the concept of LDAP-as-a-Service, the Directory-as-a-Service platform eliminates the need to host directory services infrastructure on-prem. As a result, JumpCloud admins can securely manage and connect their users to virtually any IT resource from the cloud.

Contact JumpCloud to see how you can leverage LDAP across networks today. You can also sign up for a free account and check it out for yourself. The entire DaaS platform is free forever for up to 10 users.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.
