Microsoft Active Directory® Lock-in

By Rajat Bhargava Posted December 7, 2016

IT organizations hate being locked into a particular type of solution or vendor. It is one of the things that they spend a tremendous amount of time avoiding.

They do so for good reason: being locked in means that you pay more, have less flexibility, and generally receive inferior support.

Lock-in is great for vendors. It is wonderful for them to know that they have revenue that they can count on. Of all vendors, Microsoft may be the most adept at locking in their customers to their platform. In fact, Microsoft Active Directory lock-in forces their customers to use solely the Microsoft ecosystem and platform.

Microsoft: Experts at Monopoly

Microsoft had tremendous momentum in the 1990s with Windows. It was by far the most dominant operating system platform and effectively had a monopoly in the space. Eventually, the regulatory agencies took note and sued Microsoft for monopolistic behavior with respect to Windows.


In the late 1990s, they made a brilliant move. They would no longer just count on Windows to be their lock-in solution, but they would tie all of their disparate Windows devices and applications together via a central user and device management platform called Active Directory. AD enabled IT admins to centrally provision and deprovision user access to devices, applications, and the network.

The only caveat? The solutions needed to be Windows to tie into AD.

IT Got Locked-In by Microsoft

The strategy worked to perfection. IT admins implemented AD because they were largely Microsoft Windows-based shops. Consequently, when a new device or application was needed, a key requirement became that it was a Windows product and manageable by AD.


It was a self-reinforcing virtuous cycle for Microsoft that generated billions in revenue and profit. Even their CEO named AD as one of the most critical assets of the entire company. For IT organizations, though, it was predictable. They were locked into Microsoft solutions. Moving away from Windows became harder, so IT admins were reluctant to shift away for much of the 2000s.

More Infrastructure Today is Outside of Microsoft’s Ecosystem

As a new generation of startups and tech-savvy employees arrived on the scene, Apple Macs and iOS devices started to increase in popularity. AWS made it easier to have data center capacity without having to build the data center themselves. Google Apps eliminated the need for Microsoft Exchange, a companion to AD.


All of this meant that AD and, as a result, Windows were no longer obvious choices. In fact, without Active Directory, organizations were free to choose a greater variety of platforms and cloud applications. Now, new apps and platforms are driving new models: companies don’t need to have all of their employees in-house or their data center on-prem. The flexibility afforded to organizations as they moved away from AD became significant. And to many, it became a competitive advantage.

Moving On with Cloud Directory Services

The benefit of eliminating Active Directory was, of course, not being locked into Microsoft solutions. While IT could now choose Microsoft technology because it was right for the situation, they also had the freedom to move elsewhere. The challenge became: what would be a good independent and cross-platform replacement for Active Directory? The answer appeared with Directory-as-a-Service®. As a cloud directory service, this virtual identity provider accomplishes many of the same tasks as Active Directory, including user and device management. However, it has a few critical differences. Those unique aspects are its ability to manage Windows, macOS, and Linux devices, IT resources on-prem or in the cloud, and a wide variety of protocols, including LDAP, SAML, RADIUS, SSH, and REST.


Vendor-Neutral Alternative to Microsoft Active Directory Lock-in

If you would like to learn more about how to avoid Microsoft Active Directory lock-in, drop us a note. We think that you will be pleasantly surprised with how you can extend Microsoft AD-like functionality to your entire IT infrastructure regardless of vendor or location. Give it a try for yourself. Your first 10 users are free forever.

Rajat Bhargava

Rajat Bhargava is co-founder and CEO of JumpCloud, the first Directory-as-a-Service (DaaS). JumpCloud securely connects and manages employees, their devices and IT applications. An MIT graduate with two decades of experience in industries including cloud, security, networking and IT, Rajat is an eight-time entrepreneur with five exits including two IPOs, three trade sales and three companies still private.
