Managed Identity Bridge

Written by Jon Griffin on January 9, 2018

Share This Article

There are a lot of organizations that leverage Microsoft Active Directory® (AD) as their identity provider. This solution has been in use for over two decades now, and has for the most part been very effective through that time span. However, that effectiveness is starting to wane. The challenge that AD is facing is a consequence of the changes occurring within the IT environment. We are now in the era of heterogeneous IT and cloud applications, and these are both big problems for AD. Connecting user identities to the IT resources they need becomes much more difficult for IT organizations, requiring workarounds and additional solutions just to get by. Fortunately, a next generation managed identity bridge called Directory-as-a-Service® (DaaS) is changing the game and enabling IT organizations to seamlessly connect their users to the IT resources they need.

Why an Identity Bridge is Needed

identity management market alternative

Historically, IT organizations have relied on AD to connect users to IT resources. This included systems, applications, file servers, and networks. When AD was initially released, the entire network was Windows based, which made management easy to do. Microsoft designed AD to manage other Microsoft products, and as long as everything in the office stayed Microsoft and on-prem, it did everything that was needed.

As we all know though, nothing in the world of technology stays the same forever. Now, in the modern era of IT, organizations are using a wide variety of IT resources. This means cloud applications, different systems like Mac and Linux, WiFi networks, and more. These tools are great for the end consumers, but can be a nightmare for the admins that are trying to manage it all with AD.

Active Directory struggles to federate user identities and manage user accounts to non-Windows devices and applications. Solutions have been around that connect AD to other non-Microsoft resources for a while, but they are limited to web applications and tack on an additional expense and complication for admins. As more of these challenges appear, it only causes more strife for admins. This is where the need for a identity bridge comes in. The Directory-as-a-Service managed identity bridge is able to get rid of all of that pain.

What the Managed Identity Bridge Can Do For You

If your organization wants to continue to leverage Active Directory while they shift to cloud and web resources, you should look into a managed identity bridge. With this setup, AD identities become federated to your non-Windows resources, granting easy access to your end users. This means that AD can stay the authoritative identity provider, while the passwords can be leveraged on systems and applications that AD couldn’t normally touch. You may be thinking, “but identity bridges are a lot of work, and I don’t want to have to deal with adding more infrastructure.”

Well, you’re right. Many Identity bridges can add a great deal of work to IT. They have historically been heavyweight systems, but that’s where having a managed identity bridge really kicks in. As IT admins shift more IT resources to the cloud, we are shifting the identity bridge to the cloud. Since it is a cloud identity bridge, IT admins don’t need to worry about implementation, management, and ongoing maintenance of the on-prem infrastructure. AD is simply pointed to JumpCloud, and it securely connects with the managed identity bridge. Then, the heavy lifting is done by Directory-as-a-Service to federate the AD credentials to Mac and Linux systems, cloud and on-prem applications (via SAML and LDAP), physical and virtual storage systems (such as Samba file servers and NAS appliances), and WiFi networks (via RADIUS).

Try the Managed Identity Bridge For Yourself

If you would like to learn more about JumpCloud’s managed identity bridge, AD Integration, make sure you contact us. We would be happy to answer any questions that you have about the bridge, as well as the rest of our cloud-based directory. If you want, you can also sign up for a live demo of the product. Then you can see for yourself how the tool works. Alternatively, if you are more of a hands on person, you can check out the DaaS platform for yourself. We offer 10 users free forever, with no credit card required, so there are no obstacles in your way. Sign up for an account today!

Continue Learning with our Newsletter