Migrating LDAP To The Cloud

By Ryan Squires Posted March 15, 2019

Hosted LDAP

Are organizations really migrating LDAP to the cloud? To be fair, the end goal isn’t to truly migrate LDAP to the cloud, because LDAP is a protocol. More precisely, the aim is to shift LDAP authentication to an LDAP server in the cloud. We understand it can be an exercise in semantics, but, technicalities aside, it is clear that many IT organizations are shifting their IT management infrastructure to the cloud. And, part of the transition means figuring out what to do with identity management, and specifically, the LDAP server.

Why LDAP?

LDAP has a long history dating back to the early 90s. They say necessity is the mother of all invention, and that’s true when it comes to LDAP (lightweight directory access protocol). LDAP was created as a less resource-intensive version to the X.500 directory services protocol at the University of Michigan by JumpCloud® advisor Tim Howes. X.500 required significant overhead  in order for it to be used, and the machines at that time simply were not up to the task. As a result, Mr. Howes and his colleagues worked to pare down X.500 so the machines were able to utilize it. That’s where we get LDAP from.

LDAP became so popular that it was classified as the internet standard for authentication in 1997. It’s still around today because it was a cornerstone in helping to build the internet. Now, it’s mainly used for authentication into the more technical applications and systems that generally make up DevOps organizations and other technical outfits.

LDAP Usage and Limitations

Traditionally, the LDAP protocol and its associated infrastructure hasn’t been the easiest to manage. It is highly technical, and implementations often require tedious configuration and set up. That’s why many IT organizations have to hire engineers in order to set up, configure, maintain, and ultimately manage user access to LDAP-based resources in an LDAP directory like OpenLDAP™. While most LDAP directories, like OpenLDAP, are open source and require no software to purchase, they do require a hefty investment in both the server components and technical knowhow. That said, while difficult to set up, OpenLDAP and most LDAP directories are incredibly flexible platforms for making use of the LDAP protocol, and many organizations simply could not operate without them. But, with the shift to the cloud underway, IT organizations want to make sure they still get the benefits of LDAP without the on-prem investment.

Moving LDAP to the Cloud

As noted previously, more IT infrastructure is shifting to the cloud every day. That has enabled LDAP to shift along with it. The good news is that LDAP-as-a-Service is making this process possible—all without the heavy lifting of on-prem LDAP. Because infrastructure has moved to the cloud, this third-party solution has placed OpenLDAP servers all around the globe to ensure that high availability and remote access are attainable for organizations that are in need of LDAP authentication. And because the hard work of implementation has already been handled, IT organizations can just get to work enabling their users to be productive and safe. Frankly, there is little reason to run your own LDAP infrastructure when you can do so from the cloud.

LDAP-as-a-Service is just one feature from JumpCloud Directory-as-a-Service®. In addition to LDAP-as-a-Service, users can leverage multiple authentication protocols like RADIUS, SSH, REST, SAML, and more so that their users can utilize whatever tools are best for the job. Directory-as-a-Service is not just a mere user management platform either. Using JumpCloud, you can secure systems as well with GPO-like policies that can enable full disk encryption (FDE), set screen lock timers, and disable USB ports so your machines are safe—even if they’ve been lost, left unattended, or somebody made the mistake of sticking a USB drive they found on the ground into the system.

Learn More About JumpCloud

Ready to start migrating LDAP to the cloud? Sign up for a JumpCloud account and see how LDAP authentication from the cloud can give you some time back in your day. If you just have a few questions, feel free to drop us a line, and we’ll be happy to sort out the specifics of your situation. For implementation information, see our Knowledge Base, or to see some videos about how JumpCloud works, visit our YouTube channel.

Ryan Squires

Ryan Squires is a content writer at JumpCloud, a company dedicated to connecting users to the IT resources they need securely and efficiently. He has a degree in Journalism and Media Communication from Colorado State University.

Recent Posts