By Zach DeMeyer Posted February 21, 2019
OneLogin™ virtual LDAP is meant as a complement to the SaaS company’s web application single sign-on (SSO) platform. The idea behind offering both LDAP and SAML is to be able to connect users to more of their application base. While this approach is helpful for applications, IT admins are looking at the problem of identity and access management (IAM) more holistically.
IAM as it Was
In order to understand the challenges of identity and access management in the modern enterprise today, we need to step back to understand how we got here. Traditionally, the IT network was Windows®-based and on-prem, and, as a result, was managed by Microsoft® Active Directory® and the Windows domain controller concept. Active Directory (AD) enabled end users to log in to any of their Windows-based IT resources once they logged in to their Windows laptop or desktop when connected to the network.
Of course, we know that the IT landscape started to shift with the advent of the cloud and web applications. The result was a generation of web application single sign-on (SSO) solutions, like OneLogin, which federated AD identities to web applications. So, IT admins added on solutions to their identity management approach, federating the authentication of AD-based identities to SAML-based web applications. Then, over time, single sign-on providers realized that support for LDAP-based applications was needed as well, so they tacked on that functionality. Interestingly, though, LDAP integration was much more complicated than SAML application integration.
The Changes Continue
But the changes in IT didn’t stop with just a shift to web applications. Data centers were being replaced by AWS®. Productivity platforms were moving to Office 365™ and G Suite™. macOS® and Linux® machines started to become quite popular. In addition, the on-prem Windows file server shifted to NAS appliances, Samba file shares, and cloud solutions such as Box™, Dropbox, and G Drive™. So, the concept of Active Directory plus web application SSO, even with virtual LDAP, wasn’t enough.
IT admins started to search for a True Single Sign-On™ approach that securely managed and connected users to their IT resources. True SSO means virtually all resources, including systems, servers, applications, files, and networks, regardless of platform, provider, protocol, and location. The sole provider of True Single Sign-On on the market today is JumpCloud® Directory-as-a-Service®.
Virtual LDAP: LDAP-as-a-Service
Directory-as-a-Service reimagined AD and LDAP for the cloud era, federating user identities to the amalgam of resources used in the modern workplace. Using the LDAP, SAML, and RADIUS protocols, Directory-as-a-Service manages identities, systems, and networks from one centralized cloud directory service.
Looking for a True Single Sign-On alternative to OneLogin virtual LDAP? Look no further than Directory-as-a-Service from JumpCloud. You can try Directory-as-a-Service completely free today, with ten users included to help get your feet wet. You can also contact us if you have any questions, or check out our YouTube channel for instructional/best practices content.