By Greg Keller Posted January 2, 2017
IT admins often struggle with macOS user management. Macs have historically been outside the purview of the IT organization. This has largely been because IT organizations have employed a user management tool that struggles with supporting macOS and Linux. That tool is Microsoft Active Directory. And it is no surprise that many IT organizations are looking for a replacement to AD.
Despite Popularity, macOS User Management Was Left Out
There is no denying that macOS is taking the world by storm. Over the last decade, Macs have become some of the most coveted devices.
With more organizations now allowing Macs, more end users are excited about the platform. Historically, most organizations were Microsoft Windows shops. As a result, managing user access to the device was simple with Active Directory.
Unfortunately, macOS devices were largely left out. Since users were on their own to manage their devices, IT organizations had a major blind spot.
As Mac devices have become a much more significant part of the IT network, organizations are looking for ways to manage users on all of their devices. Rather than choosing the Microsoft Windows-focused Active Directory, IT admins are looking for an identity management platform that supports not only macOS devices but also Windows and Linux systems. The cross-platform approach allows the IT organization to centralize control over their entire IT infrastructure.
Directory-as-a-Service® is an All-Inclusive Solution
With Directory-as-a-Service, IT admins get a whole lot more than centralized user management over all three platforms. The cloud directory service is also a hosted LDAP provider, cloud RADIUS infrastructure, device management platform, and True Single Sign-On™ solution. IT admins have full control over the macOS device with the ability to remotely provision, deprovision, and modify user access. Further, similar to Active Directory GPOs, Directory-as-a-Service provides IT organizations with the ability to run commands and execute scripts across macOS systems.
How does it work? A lightweight agent is placed on each macOS device. The agent securely communicates with the IDaaS platform to request updates and be tasked with system management requests. The agent leverages native APIs and also ensures that users can still authenticate to the device even if the agent loses connection to the Internet or to the cloud directory service.