By Ryan Squires Posted February 25, 2019
Okta recently released an LDAP service to complement its web application single sign-on (SSO) platform. Okta is looking to enable its customers to authenticate users to more than just web applications, including applications that do not make use of the SAML authentication protocol. The question for IT admins is whether an Okta LDAP solution is a useful addition to their overall identity management approach.
Okta’s Pre-LDAP Roots
The traditional focus of Okta has been SSO. In fact, it was a pioneer in helping to drive the first-generation Identity-as-a-Service (IDaaS) category. That category materialized when a gulf formed between on-prem identities provided by the legacy identity provider (IdP), Microsoft Active Directory® (AD), and web applications like Salesforce® and Google Apps™ (now G Suite™). Users needed a single identity to access all of their IT resources, but on-prem identities did not extend to cloud resources. Okta recognized this deficiency and utilized the SAML protocol to federate user identities from AD to the cloud. There they would be used to authenticate users into web applications. This strategy propelled Okta to become a market leader for a number of years in the SaaS-based web application SSO space.
Customer Base and Active Directory
Okta’s customers are generally the largest enterprises we have in business today. Most of those enterprises utilize AD as their identity store. It makes sense because Okta is made to complement AD. So, while synergy is good, the problem with this approach is that it leaves organizations straddling the line between on-prem and web solutions. The result for IT admins and workers alike is that there is a significant amount of overhead and management that must be dealt with. Aside from those challenges, there’s always the price.
The cost of using Okta has recently increased to upwards of $25 per user per month. That has led many IT organizations, the ones that are not exactly massive enterprises, to consider whether there is an alternative approach to Active Directory with Okta bolted on. They have seen the benefits of identity management via Okta’s web portal. Many are left wondering if they can transition their entire identity and access management approach into the cloud, including an alternative to Okta’s nascent LDAP service.
Cloud-based Alternative to Okta and AD
Thankfully, there is a cloud identity management solution that securely manages and connects users to their IT resources including systems, applications, files, and networks regardless of platform, protocol, and location. That means users can fire up their Windows®, Mac®, or Linux® system and utilize a single identity, via True Single Sign-On™, to log in to just about any of their IT resources. That one identity works for AWS® web servers via SSH keys, legacy applications that authenticate via LDAP like Jira®, web applications by way of the SAML protocol, on-prem and cloud file servers (NAS/Samba devices, G Drive™), and even networks through RADIUS. All of this is made possible by JumpCloud® Directory-as-a-Service®.
Plus, because JumpCloud is vendor-neutral, IT admins get the ability to manage systems via Policies without having to do the integration work of adding on identity bridges to Active Directory. Essentially, JumpCloud is identity and system management rolled into one cloud-based solution.
Learn More About JumpCloud
Why leverage Okta LDAP when that means you are stuck with Active Directory? Sign up for JumpCloud today and manage up to 10 users at no charge. Or, schedule a demo, and see how the Directory-as-a-Service can work in your particular environment. Either way, you can always check out our YouTube channel for informative whiteboard videos, helpful hints, and best practices. Drop us a line if you have any further questions.