With the rapidly changing world of technology, IT has had to move fast just to keep up. While it is often possible to do everything yourself from scratch and patch together a solution that works, utilizing the right tools can make a world of difference. This post will detail one tool that can help organizations in moving off of Microsoft® Active Directory® for their directory services.
Active Directory and Heterogeneous IT
Today, it is very common to find workplace environments with a wide variety of platforms, apps, and protocols in use. The list often includes Windows, Mac, and Linux systems, AWS infrastructure, and apps like Salesforce and Office 365.
Unfortunately, the default directory service, Microsoft Active Directory®, hasn’t been keeping up with the change. This has many IT admins searching for a way to move off Active Directory. With everything moving to the cloud, the thought process is that there must be a cloud-based Active Directory alternative.
A common thought is Azure Active Directory®, but on closer examination, it’s clear that Microsoft doesn’t want to move the directory to the cloud. As many have pointed out, Azure Active Directory is an adjunct to the on-prem Active Directory and really is focused on being the directory service for Azure. The good news is that it doesn’t take much searching to find the cloud-based directory replacement for AD: Directory-as-a-Service® (DaaS).
Though finding the alternative is easy, some worry about how difficult moving off of Active Directory to Directory-as-a-Service will be. IT admins can rest easy though, because Directory-as-a-Service from JumpCloud® also serves as a tool for moving off of Active Directory.
Moving Off AD:
1. Create a JumpCloud Account
It’s easy to sign up for a DaaS account. We’d suggest that you use your company email account as your admin account.
2. Install JumpCloud’s AD Bridge
AD Bridge is a lightweight agent that is installed on your Active Directory Domain Controller. Windows Server 2008, 2012, and 2016 are supported. The agent allows you to easily export your AD users to JumpCloud. Tag users inside Active Directory to let the JumpCloud AD Bridge agent know which ones are ready to be replicated. You can decide to move as few or as many as you like, and move users either individually or as groups. The process goes completely at your pace. Once the agent knows which users are selected, they are then duplicated inside JumpCloud’s unified cloud directory platform.
3. Disassociate AD Users from AD
The next step is to cut the cord with AD. This is generally done by running a quick utility script that breaks the connection to AD and allows JumpCloud to manage the user.
4. Optional Step to Convert Domain Account to a Local Account
The Directory-as-a-Service platform works a little differently from Active Directory. AD creates domain accounts and remotely manages authentications. Since JumpCloud operates as a virtual identity provider in the cloud, user accounts are created locally to ensure that users can always log in regardless of whether they can reach the directory service or not. This model embraces the cloud ethos of working from anywhere and also being able to work if the cloud is down.
Questions About How AD Bridge Works?
For a more detailed tutorial, walk through the complete, more in-depth Active Directory Migration Guide, watch this video on AD Migration for Windows 10, or check out our Knowledge Base. You can also gain a better understanding of AD Bridge by watching the whiteboard video above or by looking over our reference architecture for AD Bridge.
Moving off Active Directory doesn’t need to be long or painful. JumpCloud’s AD Bridge technology is set up to let IT admins migrate away from Active Directory at whatever pace makes sense to them. This ensures that they can feel comfortable with the process and that users can still access the IT resources they need without disruption.
Replace Active Directory with JumpCloud
Active Directory has been the on-prem market share leader in identity and access management. With the cloud emerging though, it’s clear that AD is no longer the choice IT organizations are making. New Identity-as-a-Service platforms such as Directory-as-a-Service are better suited to be the next generation of AD and OpenLDAP. The only trick is being able to migrate from AD to Directory-as-a-Service smoothly, which JumpCloud’s AD migration tool, called AD Bridge, makes easy.
If you would like to learn more about how to move off Active Directory and start using a cloud-based directory, and what the migration process looks like, contact us directly. Also, you can sign up for a free account where your first 10 users are free forever. Finally, sign up for our JumpStart program if you would like more help and a free, unlimited user trial of our cloud identity management platform.