By Kayla Coco-Stotts Posted December 5, 2019
What does OpenLDAP Help With?
OpenLDAP™ is a free, open-source implementation of LDAP that consolidates information for an entire organization into a central repository/server. It is accessible from any location within a particular network (which keeps it out of reach of the public) and can bring order to an otherwise unruly labyrinth of IT resources.
IT admins often consider putting this authentication protocol/platform in the cloud to make it easier to manage user access, so that as their organization grows, admins don’t have to fret over the increasing cost and maintenance of on-prem infrastructure. Additionally, migrating OpenLDAP to the cloud allows admins to leverage a flexible implementation of LDAP, making it simpler to grant user access and control authentication.
What Information is LDAP Storing?
Data for OpenLDAP is stored in elements called attributes, which include information on users, groups, aliases, networks, and protocols. Those attributes are contained within an entry that groups attributes based on an admin’s preferences. Once grouped, entries are all added to Data Information Trees (DIT), as shown in the graph below. Of course, each user also has their password and other authentication information, in addition to attributes.
Graph courtesy of eTutorials.org
When considering migrating OpenLDAP to a cloud-based LDAP service, it’s important to note that you don’t usually try to migrate password information — you migrate everything else. Then, you ask the person to reset the password so that it’s properly created, stored, and secured.
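The "migrate everything except passwords" step can be applied to an LDIF export before it leaves the old server. The sketch below is an added example, not code from the original article or from any vendor tool: it assumes the directory was exported to LDIF, the function names and the list of credential attributes are illustrative, and the sample data is constructed. It unfolds wrapped lines first, because a line-by-line filter would leave the continuation of a folded password value behind.

```python
import base64

# Assumed set of credential-bearing attributes (lowercase); extend for your schema.
CREDENTIAL_ATTRS = {"userpassword", "sambantpassword", "sambalmpassword"}

# Constructed sample export; the password value is a placeholder, folded on purpose.
SAMPLE = """\
dn: uid=alice,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
uid: alice
userPassword:: e1NTSEF9Q09OU1RS
 VUNURUQ=
mail: alice@example.com

dn: cn=admins,ou=Groups,dc=example,dc=com
objectClass: groupOfNames
member: uid=alice,ou=People,dc=example,dc=com
"""

def unfold(ldif_text):
    """Join RFC 2849 folded lines (a continuation starts with one space)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def strip_credentials(ldif_text, drop=CREDENTIAL_ATTRS):
    """Return (ldif_without_credentials, dns_that_need_a_password_reset)."""
    out, needs_reset, current_dn = [], [], None
    for line in unfold(ldif_text):
        name, _, rest = line.partition(":")
        base = name.split(";")[0].strip().lower()  # ignore options like ;binary
        if not line.strip():
            current_dn = None                      # a blank line ends the entry
        elif base == "dn":
            b64 = rest.startswith(":")             # "dn:: ..." is base64-encoded
            value = rest[1:].strip() if b64 else rest.strip()
            current_dn = base64.b64decode(value).decode("utf-8") if b64 else value
        elif base in drop:
            if current_dn and current_dn not in needs_reset:
                needs_reset.append(current_dn)
            continue                               # drop the whole credential line
        out.append(line)
    return "\n".join(out), needs_reset

if __name__ == "__main__":
    clean, reset = strip_credentials(SAMPLE)
    print(clean)
    print("Ask these users to reset their password:", reset)
```

The second return value is the list of entries whose users should be asked to reset their password after the import.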
Between On-Prem Servers
If an IT admin is interested in migrating OpenLDAP data from one server to another, they can use the LDAP Migration Tools. Though this isn’t common, it’s useful for organizations looking to just move information from one server to another.
This process can be complex and time-consuming for IT admins because OpenLDAP has two different layers, schema and data, and the latter (data) needs to be properly handled before it can be moved.
To Cloud-based LDAP
If an IT admin is interested in leaving on-prem infrastructure and moving identity management to the cloud, they can leverage cloud-based LDAP to handle the complexity of setup and maintenance.
Cloud LDAP generally allows greater coverage of systems and applications, and it keeps not only user credentials but also the authentication process entirely secure without a lot of work from the IT team. Additionally, leveraging OpenLDAP in the cloud lets professionals manage SaaS- and LDAP-based applications from one unified identity.
If professionals are looking to manage the entirety of their directory services from one interface, the JumpCloud® CSV Import Tool makes getting started on migrating users to the cloud a simple task. With cloud LDAP, IT admins can securely manage groups and users while integrating with applications such as Jenkins, Docker, and OpenVPN.
For more information on migrating OpenLDAP to the cloud, check out our support page on JumpCloud’s LDAP-as-a-Service. Additionally, you can sign up for a demo or register up to 10 users for free to try LDAP-as-a-Service for yourself.