By Zach DeMeyer Posted March 9, 2019
With so many changes in the IT landscape, it is sometimes difficult to have a finger on the pulse of the various identity management solutions available. As admins explore their options, many IT organizations are seeking an overview of Active Directory® Domain Services (AD DS) to see whether the legacy Microsoft® platform is still right for them. Does the Microsoft domain approach fit the future of identity and access management (IAM)? We will explore this question together.
Historically, leveraging Active Directory Domain Services made a great deal of sense. The office of yore was filled with bulky desktops in cramped cubicles, and all of them were based in the Windows® OS. Using Active Directory as the sole source of truth, IT admins created a domain where their users could freely access their resources.
Thanks to AD DS, end users could log in to their Windows machine and subsequently be connected to virtually any Windows-based resource—server, application, network—that they had rights to. Of course, in an all-Windows, on-prem workplace, it was fairly simple to connect resource access together under one directory. For a time, IT admins had a straightforward IAM approach.
The Domain and the Cloud
Challenges started to emerge once new IT resources hit the market. Innovations such as cloud infrastructure, web applications, cloud file servers (and on-prem NAS appliances), and much more changed the face of IT. Non-Windows systems (macOS® and Linux®) also started to gain popularity in the workplace, putting a strain on AD DS. The traditional approach to connecting users to their IT resources, now including these new non-Windows and cloud-based ones, started to break down.
The concept of the domain was morphing and changing. The “domain” effectively now included remote resources that weren’t controlled by IT. The result was that IT organizations started to have separate user access control in multiple places. The idea of having one central authoritative identity provider was no longer valid. Essentially, the domain, as it was once known, was no more.
Most organizations, however, didn’t want to let go of the AD Domain Services concept. So, they did their best to keep their IAM domain under AD. To do so, they patched it with add-ons, such as identity bridges, privileged identity management, web application single sign-on (SSO), and more. The problem with this approach was more moving parts/integration work, increased costs, and more infrastructure on-prem. Despite the fact that AD remained the sole source of truth, the centralized domain seemed to be a thing of the past.
A New Domain Approaches
There is, however, a next generation directory service, available from the cloud, that has reimagined the domain for the modern era. Compatible with all three major system platforms, countless web apps, cloud infrastructure solutions, and more, this Directory-as-a-Service® is a centralized, authoritative identity provider. Since it’s a browser-based directory, the solution can be used anywhere to authenticate users, regardless of whether they are in the office or remote.
Akin to the glory days of AD DS, JumpCloud® Directory-as-a-Service acts as the sole source of truth for networks, file servers, applications, and other critical IT resources. IT admins can seamlessly federate access to these resources, and manage entire system fleets using cross-platform Policies. Truly a directory for the modern era, Directory-as-a-Service Makes Work Happen™ for scaling IT organizations of any size.
Dive deeper than this overview of Active Directory Domain Services into the JumpCloud domain by checking out our blog or YouTube channel. You can also contact us for more information on the matter. If you would like to see what all of the fuss is about, simply try JumpCloud today. An account is completely free and includes 10 users, free forever, to get you started.