By Zach DeMeyer Posted April 10, 2019
Is there a solution like OpenLDAP™ with a web UI for admins? The desire makes sense given the rise of DevOps engineers using applications that can be authenticated via LDAP. So, as organizations join the mass shift to the cloud, IT admins are looking for a web-based instance of the popular open-source directory.
The Widespread Use of LDAP—and OpenLDAP
Stepping back, we should discuss why IT organizations and DevOps groups are leveraging OpenLDAP within their IT environments. Of course, the Lightweight Directory Access Protocol (LDAP) is one of the foundational authentication protocols in use today. It was created in the early 1990s, and has since been adopted for more technical applications—i.e. Linux-based infrastructure and DevOps related applications among many others. LDAP’s first uses would establish its position as the core of modern identity management.
Microsoft® used LDAP, along with the Kerberos protocol, to create Active Directory®, the most popular commercial directory service. Before that, however, developers utilized LDAP to create OpenLDAP, the most popular open-source implementation of the protocol. It is an open-source offering, so it can be used by practically anyone. Open-source solutions, however, also require significant technical know-how to properly implement.
Draws of LDAP Implementation
The challenge with implementing an on-prem LDAP infrastructure is that it can be painful to install, configure, and manage OpenLDAP servers, high availability equipment, and security infrastructure. An admin is required to tend to their OpenLDAP instance like a farmer to his flock, but in this age of the cloud and SaaS (Software-as-a-Service) applications, some admins are curious if they could leverage OpenLDAP from the cloud as well.
OpenLDAP with a Web UI
Ideally, IT admins and DevOps engineers would simply be able to leverage OpenLDAP capabilities via a web UI. Of course, the authentication process would happen in the background, but the ability to provision, connect, and manage the OpenLDAP platform would happen as a SaaS-based LDAP service.
Unfortunately, traditional LDAP instances, such as Red Hat 389 or, by adjunct, Microsoft Active Directory, are not directly available from the cloud. Some folks think that Azure® Active Directory is the cloud replacement to on-prem AD, but that is not the case.
The good news is that there is a solution that offers LDAP authentication from the cloud. It is called Directory-as-a-Service® and is delivered by JumpCloud®. IT organizations simply point their LDAP-based applications, whether in the cloud or on-prem, to the virtual LDAP platform.
LDAP-as-a-Service from JumpCloud
JumpCloud’s LDAP-as-a-Service ports the full functionality of an on-prem OpenLDAP instance to the cloud. LDAP is only one of the protocols leveraged by Directory-as-a-Service, which uses SAML to connect to web apps and RADIUS to authenticate user network access. On top of these protocols, JumpCloud Directory-as-a-Service offers sleek system management for Windows®, Mac®, and Linux® systems with group management through Policies. Most importantly, Directory-as-a-Service is a cloud directory service, leverageable from any web browser, anywhere.
If your organization is looking for something like OpenLDAP with a web UI for admins, look no further than JumpCloud Directory-as-a-Service. You can see how JumpCloud will graft into your environment absolutely free, just by signing up for Directory-as-a-Service. Your account includes ten complementary users, forever. Contact us to learn more.