By Greg Keller Posted May 15, 2015
Microsoft® Windows has its companion directory service, Active Directory®. But in most organizations, Macs are still on their own.
Managing users on Mac devices has conventionally been a chore. But in a BYOD world where Macbooks are everywhere, it’s reckless to leave Apple devices unmanaged. That’s sweeping a very big problem under the rug.
Thankfully, it’s no longer 2007. In 2015, there are innovative, powerful, and almost effortless solutions available for central management of Macs. The problem? Your average IT department doesn’t yet know these solutions even exist.
Conventional Options for Mac Management
Apple offers its own Open Directory solution. But it isn’t widely used because of its focus largely on Macs. So unless you have an office full of Macbooks, Apple Open Directory just isn’t worth it.
OpenLDAP another option, but connecting Macs to OpenLDAP™ is not just inefficient, but limited. Yes, AD can authenticate Macs, but you don’t get any of the policy and device management capabilities that AD provides to Windows devices.
Going without Mac Management
With BYOD (Bring Your Own Device) in effect at a large number of companies, IT admins have for the most part simply thrown their hands up. Some tools can help. But because they’re Mac only, they don’t truly help IT admins centralize their entire user management infrastructure.
Most organizations don’t end up managing users on their Mac machines.
Why Managing Macs Matters
Effective Mac management has many benefits. Similar to other devices, management gives you control over what users can and cannot do on particular devices.
As your organization grows, building in security controls and safeguards becomes even more important. For example, what happens when a user with access to sensitive information is terminated from the company? Having the ability to shut down user access to the device can be a critical security control. That user’s device could very well have confidential and proprietary company data. Eliminating the ability for the user to login protects that data.
The remote wipe capability is valuable in a number of dire situations, for example if a laptop is stolen.
In addition to security issues, practical on-going support issues can be easily solved through having different levels of users. True Mac management means that a remote admin will be able to login and address support issues via an admin account.
The Bottom Line
User management is the core of building an organization’s IT infrastructure. If you are unable to build core user management capabilities on a core platform, that leaves a gap in your environment.
Directory-as-a-Service Offers Mac User Management
Directory-as-a-Service is a cloud-based directory service that enables a variety of devices, applications, and networks to authenticate. Through authorization capabilities, users can be granted different permission levels.
DaaS solutions place a small lightweight agent on each Mac device and then provide full Mac user management and device management capabilities. IT admins centrally control the central directory services infrastructure from a Web-based console.
Because the service is delivered from the cloud, there is very little if any on-going management for IT admins from a software and hardware perspective.
Ready for True Mac User Management?
If you are interested in diving in deeper on Mac user management check out this video on managing macs in the modern office or, drop us a note. We also invite you to start testing our Mac management for yourself by signing up for a free account. Your first 10 users are free forever.