Is LDAP in the Cloud Right for You?

By Greg Keller Posted April 14, 2017


Many organizations leverage OpenLDAP, Apache Directory Server, or 389 Directory Server as their LDAP solution. But IT admins know the pain of internally managing and running LDAP is high. All three of these platforms are open-source solutions that require a great deal of expertise to manage. So the question for many IT organizations is whether LDAP in the cloud is right for them.

A cloud-hosted LDAP solution can eliminate a number of headaches and free up time for IT admins to work on more important tasks. However, since the concept of a cloud-hosted directory service is relatively new, there are often a number of questions that IT organizations have about moving LDAP to the cloud.

Four Questions to Ask About the Move to Cloud LDAP

1. What is LDAP in the cloud?


Shifting LDAP to the cloud is a relatively new approach. JumpCloud® introduced the first Directory-as-a-Service® platform a few years ago, and a core feature was moving LDAP to the cloud. Instead of having to run OpenLDAP internally, organizations can simply point their applications to the cloud-hosted LDAP server. Users are imported into the directory service manually or automatically. Those users can be leveraged for LDAP authentication, as well as other authentication approaches.

The LDAP infrastructure is administered by JumpCloud, whose management services include updating the server software, managing the hardware, dealing with networking and uptime, backups, security, and a great deal more. IT organizations only need to maintain their user population and connect their applications to the virtual LDAP solution. Additionally, JumpCloud’s Knowledge Base has a number of articles to review. We are confident that you will find it fast and easy to connect popular apps to the SaaS LDAP platform.

2. What are the benefits of a cloud LDAP?


There are a number of benefits to cloud LDAP. Perhaps the most significant benefit is that you are off-loading the effort to install, manage, and maintain an LDAP solution. All of the ongoing maintenance is handled by JumpCloud. Other benefits include the ability to leverage those users for a lot more than just LDAP authentication. A user’s credentials hosted in the LDAP solution can also be used for their systems, RADIUS, G Suite, and Microsoft Office 365, among others.

A global network of low-latency servers ensures that users have a quick authentication path. This further helps organizations eliminate the concept of an ‘internal domain’ which can be costly and hard to manage globally. Shifting the directory server to the cloud enables an organization to more fully take advantage of cloud infrastructure and resources.

3. Is cloud LDAP secure?

Yes! JumpCloud uses the secure LDAP port of 636 with SSL or 389 with STARTTLS. In addition, all access to JumpCloud’s cloud LDAP service is controlled via a secure connect key that is unique to each organization.
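What the 389-with-STARTTLS option looks like on the wire, as an added example (not JumpCloud's code): the client first sends a plaintext StartTLS extended request and should refuse to bind unless the server answers with success. The function names and the sample response bytes are constructed for illustration, and only short-form BER lengths are handled.

```python
# Added example: StartTLS on port 389, hand-encoded per RFC 4511 (short-form BER only).
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended-operation OID

def _tlv(tag: int, body: bytes) -> bytes:
    if len(body) > 127:
        raise ValueError("long-form BER lengths are not handled here")
    return bytes([tag, len(body)]) + body

def build_starttls_request(message_id: int = 1) -> bytes:
    """LDAPMessage { messageID, ExtendedRequest { requestName = StartTLS OID } }."""
    if not 1 <= message_id <= 127:
        raise ValueError("example encodes one-byte message IDs only")
    name = _tlv(0x80, STARTTLS_OID)             # requestName [0]
    op = _tlv(0x77, name)                       # ExtendedRequest [APPLICATION 23]
    return _tlv(0x30, _tlv(0x02, bytes([message_id])) + op)

def _read_tlv(buf: bytes, pos: int):
    tag, length = buf[pos], buf[pos + 1]
    end = pos + 2 + length
    if length & 0x80 or end > len(buf):
        raise ValueError("long-form or truncated element")
    return tag, buf[pos + 2:end], end

def extended_result_code(data: bytes, expect_id: int) -> int:
    """Return resultCode from an ExtendedResponse, validating the envelope."""
    tag, msg, _ = _read_tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    tag, mid, pos = _read_tlv(msg, 0)
    if tag != 0x02 or int.from_bytes(mid, "big") != expect_id:
        raise ValueError("message ID mismatch")
    tag, op, _ = _read_tlv(msg, pos)
    if tag != 0x78:                             # ExtendedResponse [APPLICATION 24]
        raise ValueError("not an ExtendedResponse")
    tag, code, _ = _read_tlv(op, 0)
    if tag != 0x0A or not code:                 # resultCode ENUMERATED
        raise ValueError("missing resultCode")
    return int.from_bytes(code, "big")

def may_send_bind(response: bytes, message_id: int = 1) -> bool:
    """Fail closed: no bind unless StartTLS returned success (0).
    The TLS handshake and certificate check still have to pass afterwards."""
    try:
        return extended_result_code(response, message_id) == 0
    except (ValueError, IndexError):
        return False

# Constructed server replies: success (0) and protocolError (2).
RESP_OK = bytes.fromhex("300c02010178070a010004000400")
RESP_REFUSED = bytes.fromhex("300c02010178070a010204000400")
```

On port 636 none of this exchange happens in the clear, because TLS is negotiated before any LDAP message is sent.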

4. Do I still need LDAP with web applications and SSO?

This is a broader question that involves the future path of the identity and access management industry. LDAP was created over twenty years ago by our advisor, Tim Howes, and his colleagues at the University of Michigan. It has stood the test of time and is still a core authentication protocol, most often used for more technical solutions and applications. Today SAML is also being used for web applications. Even still, LDAP is a core authentication protocol that every IT organization will likely leverage.


The good news is that IT organizations can now leverage a cloud-hosted service instead of having to create a separate OpenLDAP server. In addition, your users can not only utilize the same username and password across their LDAP authentication, but also with their systems, network, and other applications. In effect, Directory-as-a-Service becomes your core authentication platform with LDAP being one of the supported protocols.

LDAP in the Cloud with JumpCloud

IT organizations are making the move to the cloud with as many of their infrastructure components as possible. That’s been a tall order for solutions such as your core directory service. JumpCloud’s Directory-as-a-Service platform rises to the occasion to securely manage and connect users to all the IT resources they require.

Drop us a note if you would like to learn more about LDAP in the cloud and whether it is right for you. Also, sign up for a free account and give it a try for yourself. Your first 10 users are free forever.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.
