Okta® LDAP-as-a-Service

By Zach DeMeyer Posted May 6, 2019

okta ldap-as-a-service

Okta® has been branching out a great deal lately, shifting from just a web application single sign-on (SSO) provider to do a great deal more in the identity and access management (IAM) space. One such offering is LDAP authentication. But, is Okta LDAP-as-a-Service worth considering? Let’s explore what Okta LDAP is bringing to the table and find out.

Okta’s Advancements

While they started out focusing solely on web app SSO, Okta is extending their sphere of influence into other areas of IAM. Those areas have included user management for web apps and mobile applications, similar to Azure® AD B2C. They also added two-factor authentication (2FA) capabilities to compete with Duo.

More recently Okta added Advanced Server Access technology, a form of privileged access management (PAM) similar to BeyondTrust. All of these pieces of functionality are aimed at making it easier for large-scale IT organizations at enterprises to leverage Okta for identity management. Of course, they also all come with a price tag, as Okta implements an a la carte pricing model that gets increasingly expensive with each feature.

Okta LDAP

Among these new functionalities, Okta has also introduced a basic cloud LDAP service to help authenticate legacy applications. The idea is to allow an organization to authenticate to any application, regardless of that app’s location.

Of course, LDAP can be a bit more complicated than Okta’s core protocol, SAML. LDAP also has a number of different customizations and functions that need to be integrated to support the full range of applications and storage infrastructure, which is often used in conjunction with Samba schema requirements to authenticate.

The Bigger Picture

Authenticating to applications is only one part of the greater identity and access management picture, which is ultimately the challenge that IT organizations are trying to solve. Unfortunately, while they seem to be headed that way, Okta cannot be used as a comprehensive IAM solution.

Traditionally, Okta users have achieved their identity and access management by using the product in tandem with Microsoft® Active Directory®. In the cloud era, however, the Okta plus Active Directory (AD) path is something that IT admins have been looking to change.

Ideally, IT organizations could move away from AD on-prem and shift their entire authentication platform to a cloud identity management solution. But, the trick is that authenticating applications is only one part of the overall problem. IT organizations are struggling with Mac® and Linux® systems; cloud servers hosted in AWS®, Azure®, and GCP™; file servers; WiFi and VPN networks; and much more.

The Gestalt of IAM

The Germans have a word, Gestalt, which is directly translated into form or shape, but is more often associated with the concept of Holism. Holism is the idea that the entire whole is much greater than the loose association of its parts.

Identity and access management can be viewed in the same light. By managing all of these resources at once, rather than by several disparate tools, IT admins can achieve a greater, more secure form of identity and access management, one better suited for the modern era of IT.

Thankfully, for organizations who feel trapped by on-prem directory services and a loose association of add-on parts, there is a holistic IAM solution that manages virtually all IT resources. This Directory-as-a-Service® manages user access to systems (Mac, Windows®, Linux), cloud and on-prem infrastructure and applications, networks, and more. What’s more, it is available free for up to ten users forever from JumpCloud®.

Try Directory-as-a-Service Free

Directory-as-a-Service (DaaS) is the cloud directory for the modern era of IT. One core tenet of DaaS is LDAP-as-a-Service, a true cloud delivery of LDAP for authenticating to on-prem resources without the need of an additional source of truth. DaaS also offers SAML 2.0 SSO for cloud apps, and RADIUS-as-a-Service for network security.

If you are interested in LDAP-as-a-Service from Directory-as-a-Service, simply try it for free today. Your first ten users in the platform are completely free forever. If you would like to learn more about the product, please contact us with questions or explore our YouTube channel.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts