Cloud Directory Feature: Samba File Server Authentication

Written by Brandon White on October 9, 2020

Share This Article

Enterprise storage has seen monumental shifts over the last decade, including remote work, “bring your own device” acceptance, and moves away from Microsoft® Windows® Server. When Windows dominated everything about the enterprise IT environment, the “Shared Drive” was a mainstay for end users.

It was typically mapped as the “S:// drive”, it was the de facto place to store files at work if you needed redundancy, and it was the only place IT would advise storing your files. IT controlled every aspect of the experience. As new devices (e.g. Mac and Linux) came on the market, the storage needs began to shift, fragmenting the strategy for IT departments for many years.

As organizations began to support more device types outside of just Windows, and work began to happen outside of the office as much as inside, managing file storage became a challenge. Furthermore, the legacy Microsoft CAL-based licensing was often a costly and logistical nightmare for IT departments. As yearly budgets became a concern, a shift away from large capital expenditures (e.g. Windows servers) let many organizations move to cloud services and an operating expenditures model.

Why Keep On-Prem Storage?

IT admins are still working through what parts of the cloud are valuable to them and what parts of their IT infrastructure need to remain on-prem. One area that is quite difficult to sort through is storage systems. There are some excellent cloud storage options available, including Google Drive, Dropbox, Box, and many others.

The challenge, though, is that many use cases require higher performance, greater security, and better ROI. These situations can include organizations that regularly deal with large file sizes, strict regulatory requirements, or those that have massive amounts of storage. In all of these cases, there is a compelling reason to stay on-prem with their storage. Samba file servers and NAS (network attached storage) appliances can be a strong option.

Managing On-Prem Storage From the Cloud

So, even though their storage resources may remain on-prem, IT organizations’ management tools are being moved to the cloud. This is beginning to create a disconnect. Fortunately, the cloud directory has recently become an option.

Historically, the identity provider has been on-prem. For almost two decades, Microsoft Active Directory® has been the on-prem directory services market share leader. But, as more IT resources shift to the cloud and become mixed platform and from multiple providers, AD is no longer the best choice.

A modern directory needs to match the modern IT environment, and it does that by securely managing and connecting users to their IT resources from the cloud – regardless of the platform, provider, protocol, or location. This is where the cloud directory from JumpCloud comes into play. JumpCloud’s Directory-as-a-Service® (DaaS) is connecting users to systems (Windows, Mac, Linux), cloud and on-prem servers (AWS, GCP, Azure, on-prem), web and on-prem applications via LDAP and SAML, wired and WiFi networks through RADIUS, and physical and virtual storage such as on-prem Samba file servers and NAS appliances.

The cloud directory solution Directory-as-a-Service is the modern directory that IT admins have been searching for, and it can leverage your existing G Suite, Office 365, or Active Directory credentials as the base identity for your users. The centralized directory is able to replicate those identities and federate them to a wide range of IT resources, including on-prem Samba file servers. The same identity that a user leverages for access to their machine becomes the one that is used for file server access.

JumpCloud’s Samba File Server Authentication

Is Cloud Storage the Answer?

Many organizations tried to pivot to using cloud storage providers such as Box, Google Drive, or Dropbox to simplify the end-user experience, but those platforms bring their own set of challenges. It’s much slower to upload to a cloud provider for bandwidth-constrained locations than it is uploading on your locally managed server. From a compliance perspective, cloud providers require additional oversight to ensure that an ever-changing product doesn’t put an organization in breach of its privacy protocols. Cost is another crucial hindrance to cloud storage. As file needs grow, cloud providers have kept pace with storage options, but they’ve come at a cost.

A cloud storage account might make sense financially for small organizations, but as the needs for more and more users come to fruition, the monthly subscription bill will continue to go higher and higher with no end in sight. Despite the falling price for raw hard drive storage, cloud providers haven’t kept pace with lower prices. They often will add to the available space for the same price regardless if an organization needs it or not.

Open-Source Samba Solutions

As IT organizations face ever-challenging budget constraints along with ever-expanding end-user use cases, many of them have turned to open-source Samba file server solutions. This open-source approach allows IT to leverage the falling price of on-premises storage without the added expense and complexity of running Windows Server.

Identity management is often a challenge with open-source solutions, though. With a cloud directory solution, IT departments get the best of both worlds. Storage is on-premises and always in compliance, but onboarding and access are turn-key as a Windows Server environment. Employees can use their core cloud identity login to access their local machine and the company file server. Because Samba is cross-compatible, employees can access from Windows, Mac®, Linux®, Chromebooks, or even iOS® using Apple’s Files app.

With IT organizations interested in shifting their identity management infrastructure to the cloud, the on-prem Samba file server can be a challenge to control and manage. The good news is that the cloud directory feature for Samba file server authentication makes it easy to control access from the cloud to an on-prem resource.

The JumpCloud® Directory Platform can leverage the same identity used for accessing the person”s Windows, Mac, or Linux system as well as web and on-prem applications for file server access. This one identity can be the core set of credentials for virtually all users’ IT resources. File access and control are critical, and with the move to Samba file servers, a cloud directory solution must handle that capability. Try JumpCloud Free with up to 10 users, 10 systems, and 10 days of Premium in-app chat support.

Brandon White

Brandon is an enthusiast, solutionist, and JumpCloud’s Technical Evangelist, active in journalism and IT in cities across the US for over 25 years. Pick his brain on Slack in the JumpCloud Lounge:

Continue Learning with our Newsletter