By Vince Lujan Posted September 27, 2018
A lot of IT organizations are making the switch to next generation cloud directory services these days. After all, it doesn’t make a whole lot of sense to continue leveraging antiquated on-prem platforms when there are more powerful alternatives delivered as a service from the cloud at a fraction of the cost. The JumpCloud® Directory-as-a-Service® platform is a great example. We’ll dive into the benefits of the JumpCloud platform further down the page, but we should start by outlining the development of directory services to reveal why next generation alternatives are superior.
Directory Services through the Years
The modern age of directory services stretches back to the advent of LDAP in 1993. LDAP was created at the University of Michigan by our advisor, Tim Howes, and his colleagues. The creation of LDAP subsequently led to the introduction of two legacy directory services platforms: OpenLDAP™ in 1997, and Microsoft® Active Directory® (MAD or AD) in 1999.
Active Directory would go on to become the most popular on-prem directory services platform to date, whereas OpenLDAP was destined primarily for open-source use in the data center. IT admins found MAD to be particularly appealing in the early 2000s, primarily due to its tight integration with Windows® users and, of course, Group Policy Objects (GPOs).
The ability to manage user identities and connect them to various IT resources is the primary purpose of directory services platforms. In the case of Active Directory, this concept refers to the ability to manage various instantiations of Windows user identities, and connect them to resources such as Windows-based systems, on-prem Windows applications, and Windows File Servers. User management also includes the ability to set varying levels of user access to IT resources such as these, and what users can do with those IT resources. How do you control the IT resources themselves? That’s where GPOs come into play, at least as far as systems are concerned.
Group Policy Objects
GPOs are essentially predefined scripts, commands, and task execution templates that are designed to manage Windows system policies. IT admins generally use GPOs to disable USB storage, restrict control panel access, configure screen lock timeout, and control just about any Windows system behavior. The key advantage with GPOs is that IT professionals can administer commands to fleets of Windows-based systems from one central location. Without the concept of group-based policy management, IT admins would have to configure the same system policies granularly per system. This made the use of GPOs and MAD highly advantageous—especially around the turn of the century when just about every IT resource was on-prem and Windows-based. However, the rise of Mac® and Linux® endpoints, cloud innovations, and non-Windows IT resources changed everything.
Adding Complexity to Identity Management
The introduction of disparate systems, web applications, cloud infrastructure, and a huge variety of non-Windows IT resources put tremendous pressure on legacy directory services platforms—especially Active Directory. Remember that MAD was specifically designed for on-prem networks of Windows-based IT resources. Consequently, anything that didn’t fit into that mold was difficult (if not impossible) to manage with MAD out-of-the-box. The result was the creation of an entire generation of Active Directory add-on solutions that were developed to mitigate these challenges.
Add-on solutions such as web application single sign-on (SSO), directory extensions, privileged identity management solutions, and more were designed to extend on-prem identities to unsupported IT resources in MAD environments. While this layered approach was effective, it also added significant cost and management overhead. Not only that, but IT admins quickly discovered that the number of add-ons required continued to increase in order to support the wide variety of innovations that have been introduced since the mid-2000s. This trend will likely continue for the foreseeable future as more IT resources move away from an on-prem, Microsoft foundation. This, of course, is the primary reason why so many IT admins are choosing next generation cloud directory services alternatives.
Advantages of Next-Gen Cloud Directory Services
The key advantage of next generation cloud directory services is that they can effectively mitigate many of the challenges with legacy solutions described above. The JumpCloud Directory-as-a-Service platform, for example, not only covers the vast majority of the use cases of traditional MAD implementations, but also delivers the capabilities that were historically delivered by a host of add-on solutions via One Directory to Rule them All®.
Said another way, the JumpCloud platform securely manages and connects users to their systems, applications, files, and networks—regardless of the platform, protocol, provider, or location—all from one centralized location in the cloud that doesn’t require anything on-prem. JumpCloud even offers its own cross-platform GPO-like capabilities, called Policies, which provide group-based policy management functionality for Windows, Mac, and Linux.
The end result is that IT admins are empowered with the confidence to choose only the best IT resources for the organization, knowing they can effectively manage it all with the JumpCloud Directory-as-a-Service platform.
Learn More About Next Generation Cloud Directory Services
Check out our Knowledge Base to learn more about the JumpCloud Directory-as-a-Service Platform from a technical perspective.
Contact the JumpCloud team or schedule a demo to learn more about next generation cloud directory services. You can also sign up for a free account and take advantage of the full functionality of the JumpCloud platform today. We even offer ten free users forever to help you discover everything that JumpCloud has to offer—risk free. Finally, check us out on YouTube for product explanations, tutorials, whiteboard presentations, customer stories, and more.