As of 2019, Microsoft 365™ (formerly Office 365™) provides over 180 million monthly users with Microsoft® Office and other key capabilities from the cloud. The widespread reach of the productivity suite means that many organizations have Microsoft 365 credentials among the passwords they have to deal with on a daily basis.
With so many passwords to remember, some IT administrators are concerned their users will experience password fatigue, making them curious about the possibility of consolidating their passwords to make life easier for end users. In particular, organizations with Linux® systems and servers wonder if their users can log into those systems using their Microsoft 365 passwords. We’ll explore several options available to do so, including one from the cloud, but first, let’s dive into why you would want to consolidate Microsoft 365 and Linux passwords.
Why Use Microsoft 365 Passwords for Linux?
Linux endpoints provide IT and DevOps organizations with high-level computing functionality. Often, Linux accounts for much of an organization’s infrastructure, with some users even preferring the operating system for their workstations over Windows® or Mac®.
One of the most important parts of maintaining Linux infrastructure and systems is managing the identities that have access to them. Like other operating systems, Linux requires users to have an authorized set of credentials to authenticate their access, but can require SSH keys as well for extra security. In order to ensure their Linux endpoints remain secure, IT admins need the ability to manage how user identities interact with Linux, both through credentials and SSH keys.
Unfortunately, Linux identities are only a fraction of the accounts end users deal with. Productivity suites like Microsoft 365 or G Suite™ serve integral roles in end user day-to-day operations, with web applications, file servers, networks, and more all requiring an account to access.
By consolidating the identities for these various accounts, IT admins can save time by reducing the amount of identities they need to manage. Because productivity suites like Microsoft 365 are nearly ubiquitous for organizations, it would make sense to use them as a core, consolidating identity.
Using Microsoft Tools for Linux Identities
For some organizations, their Linux infrastructure may consist of virtual machines (VMs) that are hosted in the Azure® Infrastructure-as-a-Service platform. Azure Active Directory® (AAD), the tool that manages Azure identities, also applies to Microsoft 365. As such, IT admins can have users log into Azure-hosted Linux VMs using their AAD identity, aka their Microsoft 365 identity.
When it comes to Linux hardware hosted elsewhere (AWS®, GCP™, internal data center, etc.), however, Microsoft doesn’t offer a way to integrate Linux and Microsoft 365 identities without employing additional solutions, such as their on-premises Configuration Manager (ConfigMgr) tool. In order to use ConfigMgr properly though, admins then need to roll out an Active Directory® (AD) instance on-prem as well to provide a core identity for ConfigMgr to source from.
Ultimately, although this approach can effectively consolidate Linux identities under Microsoft 365 passwords, it comes at a steep cost. For starters, organizations need to invest in AD infrastructure as the backbone of their identity management. While AD used to be ubiquitous for identity and access management, the rise of working from home (WFH) orders and a general shift of IT to more cloud-based infrastructure has rendered the on-prem AD less effective than it once was.
Beyond that, admins also need to purchase a ConfigMgr instance, with an additional buy of Intune if they have mobile devices as well. Then, of course, they will need Azure AD to manage their Microsoft 365 instance, as well as Azure Active Directory Connect to sync AD and AAD.
The result is a hefty price tag, with infrastructure scattered across both on-prem and cloud environments. As IT organizations seek to keep their operations lean, this approach to managing identities may prove more trouble than it’s worth.
Consolidating Identities in the Cloud
Instead of investing in a multitude of different tools to authenticate to Linux through a Microsoft 365 password, IT organizations can seek out an all-in-one platform with the same management capabilities. A cloud directory service like JumpCloud®’s Directory-as-a-Service® offers such a solution: consolidating virtually all of a user’s requisite passwords under a single unified identity.
JumpCloud is an all-in-one access control and device management platform, which means you can use it to manage user identities, provision them to IT resources, and configure their devices. With Directory-as-a-Service, IT administrators can:
- Manage Linux devices, including identities, SSH keys, and system settings;
- Integrate and sync identities with existing Microsoft 365 directories;
- Federate identities to web applications through SAML SSO with Just-in-Time and SCIM provisioning;
… and much more, all from a single, cloud-based Admin Portal. By managing Linux devices through Directory-as-a-Service, organizations can ensure their critical Linux infrastructure is secured while also streamlining logins through Microsoft 365 integration.
If you’d like to learn more about what our cloud directory service can do, contact us. Or, if you’re the hands-on type, try it yourself for free for up to 10 users and systems, with 10 days of 24×7 live chat support to help get you started.