Overview of OpenLDAP™

By Ryan Squires Posted March 11, 2019


The identity management landscape continues to grow more complicated by the day with so many new solutions being delivered. Many of these solutions owe their start to the LDAP protocol and the associated LDAP servers that came before. Of the server solutions that leverage the LDAP protocol, perhaps the most popular of them all is OpenLDAP™. In this article, we’ll provide a detailed overview of OpenLDAP.

From LDAP to OpenLDAP

The LDAP protocol was created by Tim Howes and his colleagues at the University of Michigan in the early 1990s. What made it successful was that it was a lightweight variant of the standard directory services protocol at that time, X.500. LDAP utilized the client/server architecture model, so it required both types of components to make the protocol work and, ultimately, to be adopted by enterprises and organizations around the world. One of the earliest examples of an LDAP server was OpenLDAP. Because it was an open source platform, its open nature made it possible for clients to connect to it. As a result, OpenLDAP would quickly make a mark in the identity and access management (IAM) game.

90s Babies: AD and OpenLDAP

As we know, OpenLDAP wasn’t the only directory services solution making its start in the late 1990s; Microsoft introduced Active Directory® (AD) in 1999. AD would go on to become the on-prem market share leader for Windows®-based networks—dominance that continues to this day. When you consider the fact that Windows owned the operating system space, it makes sense that a Windows-based tool would be used to manage those systems and users. But, because Microsoft had a tight grip over Active Directory, utilizing it for different systems and protocols required a lot of hard work on the part of IT admins.

For non-Windows environments featuring Unix/Linux®-based systems, on the other hand, OpenLDAP effectively served as the counterpart to Active Directory. While it was not designed to work exclusively with Linux/Unix systems and users, its flexibility enabled it to thrive in those environments. OpenLDAP would go on to become extremely useful in the data center as well as with more technical applications and systems. Because of that flexibility, many IT admins and DevOps engineers would customize the code to have it meet their exact needs. The flip side to that flexibility and ability to customize was that for many organizations, OpenLDAP was too difficult to install, configure, and manage. So, many simply forwent implementing LDAP, and their teams potentially lost out on using the best tools.

LDAP in the Cloud?

As the IT market pushed to the cloud, a new generation of LDAP-as-a-Service solutions emerged based on OpenLDAP. This next-generation, cloud-based LDAP offering did away with the drawbacks of running your own OpenLDAP infrastructure and all the trappings that it came with (e.g. high availability, security, and monitoring). Organizations simply utilized what they needed, paid for it on a per-user basis, and ensured that their valuable IT resources were spent on tools and tasks that benefited the organization the most.

One such LDAP-as-a-Service provider is JumpCloud® Directory-as-a-Service®. JumpCloud features high-availability OpenLDAP servers and positions them in locations all around the world. With these in place, you can utilize LDAP to authenticate into the technical applications your organization uses daily, like Jira®, OpenVPN™, Kubernetes, and Docker, and do so from anywhere in the world. And that’s just one of the protocols that JumpCloud utilizes. It also features RADIUS-as-a-Service to help bolster network security and SAML for SSO into your web applications. The best part is that JumpCloud combines all of these protocols into a single cloud-based directory and enables you to take advantage of each one with a single set of credentials. We call it True Single Sign-On™ and it works for systems (Windows®, Mac®, Linux®), cloud and on-prem servers (e.g. AWS, GCP, Azure), web and on-prem applications via SAML and LDAP, physical and virtual file servers (Samba file servers, NAS appliances, Box, G Drive, and more), and wired and WiFi networks.

Learn More About JumpCloud

If after this overview of OpenLDAP you want to see how LDAP-as-a-Service can benefit your organization, sign up for a JumpCloud account today. It’s free, requires no credit card, and you can start testing in minutes. If you have any further questions about the product or how it works, you can contact one of our product experts, explore the Knowledge Base, or watch some JumpCloud videos on YouTube.

Ryan Squires

Ryan Squires is a content writer at JumpCloud, a company dedicated to connecting users to the IT resources they need securely and efficiently. He has a degree in Journalism and Media Communication from Colorado State University.
