By Jon Griffin Posted October 12, 2017
True Single Sign-On™ means enabling users to have a single set of credentials with which they can sign-on to all of their IT resources – from applications, to file servers, to WiFi networks, and even to login to their workstation. For IT organizations, achieving True Single Sign-On means easier access to IT resources and simpler administration for admins. Of course, the most critical part of True SSO is connecting users to virtually any resource they need. This blog post describes how the True SSO feature for Samba file servers is connecting users to their data.
SSO vs. True SSO
True SSO is differentiated from web application SSO because of its ability to connect users to much more than just their apps.
Specifically, a solution can be called True SSO if it enables users to leverage a single identity for secure access to their system (Windows, macOS, Linux), cloud and on-prem servers (AWS, Azure, GCP, on-prem), web and on-prem applications (via LDAP and SAML), wired and WiFi networks through RADIUS, and cloud and on-prem data storage solutions such as Samba file servers through LDAP.
True Single Sign-On is a concept best exemplified by a new cloud identity management platform called Directory-as-a-Service®. The goal of this IDaaS solution is to securely manage and connect users to the IT resources they need, regardless of platform, protocol, provider, or location. Learn more about JumpCloud’s Directory-as-a-Service by reading the technical datasheet.
True SSO isn’t just about efficiency and security. It’s also critical to achieving IT flexibility. True SSO works across providers (e.g. AWS, G Suite, Office 365, and more). This enables IT admins to determine what IT resources are best for their organization, rather than being forced into Windows platforms via Active Directory® or the LDAP protocol via OpenLDAP™.
True SSO and Samba
While True SSO is really about supporting as many different types of IT resources as possible, one specific use case is Samba file server access and authentication. Many IT organizations are leveraging on-prem Samba file servers and NAS devices based on Samba. These data storage options are popular because of their cost-effectiveness and ability to store huge amounts of data while delivering it more quickly than cloud-based alternatives like Dropbox.
But since file servers often include terabytes of data, it is imperative to secure them. In order to help address this need, Samba file servers and NAS devices support the LDAP authentication protocol. They can be easily and quickly connected to LDAP with some additions to the LDAP platform, including additional data and schema modifications. This allows a user’s identity stored in LDAP to be used to authenticate to the file server as well.
Thanks to LDAP, no additional user management system is required to setup, configure, or manage on the Samba file server, and users don’t need to have an additional set of credentials. Instead, the user’s core credentials can be leveraged for file server access. This improves both user experience and security. This is the approach to achieving True SSO with Samba file servers.
Learn More About the True SSO Feature Samba File Servers
For those organizations that are interested in centralizing their identities and enabling them to access whatever IT resources they need, True SSO is the IDaaS solution they’re looking for – and JumpCloud is the company to provide it.
Drop us a note if you would like to learn more about how the True SSO feature for Samba file server support can extend your identity management strategy. Alternatively, experience the platform firsthand when you give our cloud directory service platform a try for yourself. JumpCloud offers a full version of the product that is absolutely free for the first 10 users.