Web Based LDAP Authentication

By Vince Lujan Posted January 6, 2018

Web based LDAP authentication is highly sought after in modern IT organizations. LDAP (Lightweight Directory Access Protocol) is the core authentication protocol leveraged by legacy identity management solutions like Microsoft® Active Directory® (AD) and OpenLDAP™. The trouble is that both solutions were designed for on-prem IT environments. So it’s no surprise that web based LDAP authentication would be a huge advantage as more IT resources shift to the cloud.

The good news is that a next generation LDAP-as-a-Service platform has emerged with the power to authenticate user identities to a comprehensive array of IT resources. It’s called Directory-as-a-Service®. However, before we describe the advantages of the hosted LDAP solution, let’s first outline the characteristics of traditional LDAP authentication to reveal the benefits of web based LDAP authentication.

Characteristics of Legacy LDAP Authentication: Active Directory and OpenLDAP

Characteristics of Legacy LDAP Authentication solutions

LDAP was created by our advisor, Tim Howes, and his colleagues at The University of Michigan in 1993. Basic LDAP authentication was designed as a means of securing decentralized IT environments. However, it was Microsoft that introduced the concept of authenticating user access to IT resources bound to a network when they combined the LDAP and Kerberos protocols to create Active Directory in 1999.

IT networks were predominantly based on Microsoft Windows® and on-prem when AD was released. This enabled Microsoft to establish AD as the default on-prem identity management platform that could help manage access to Windows-based systems, applications, file servers, and even the network itself in most organizations.

This approach worked well for many years. However, fundamental developments in the IT landscape started to change how IT organizations approached identity management in the mid-2000’s. For example, WiFi changed network architecture, cloud infrastructure like AWS started to replace on-prem data centers, and web applications were developed for just about any business need.

The pros of Web based LDAP Authentication

Then, when you factor in remote workers, disparate systems (e.g., Windows, Mac, Linux), and BYOD policies, it’s easy to understand how IT management with legacy identity management tools that were designed to support homogeneous systems and on-prem infrastructure can start to break down.

The bottom line is that AD and OpenLDAP were designed for a different era of IT when everything was on-prem and management for IT resources was relatively straightforward. What is needed today is a cloud identity management solution with the power to connect to virtually any IT resource. Enter in the next generation web based LDAP authentication solution, Directory-as-a-Service.

Web Based LDAP Authentication with JumpCloud

Web based LDAP Authentication with JumpCloud

JumpCloud Directory-as-a-Service is a next generation cloud identity management platform with the power to connect users to IT resources, regardless of platform, provider, protocol, or location. LDAP-as-a-Service is a core aspect of the JumpCloud platform. Cloud LDAP enables IT admins to leverage the benefits of LDAP authentication without the heavy lifting of procuring, implementing, and maintaining an LDAP solution on-prem. Instead, IT admins simply pay for what they use and JumpCloud takes care of the rest.

In addition to web based LDAP authentication, IT administrators can also manage user access to web applications (ex. Salesforce, Dropbox, Box), cloud productivity platforms (G Suite, Office 365), cloud infrastructure (AWS, GCP), on-prem applications (Docker, Jenkins), Samba file servers and NAS appliances (Synology, QNAP), manage network access (RADIUS), deploy cross platform GPO-like capabilities with Policies, enforce MFA and password complexity requirements, and more.

Learn More About Hosted LDAP Authentication

Get Started and Learn more about JumpCloud LDAP Authentication

LDAP has traditionally served as the foundational protocol for authenticating users to a wide array of IT resources on-prem. Directory-as-a-Service provides web based LDAP authentication to help IT organizations achieve their cloud-forward goals. The difference is that organizations can leverage the benefits of LDAP-as-a-Service without the headache of procuring, implementing, and maintaining LDAP infrastructure on-prem.

If you’re interested in JumpCloud LDAP authentication tutorial, watch the following whiteboard presentation.

You can also contact the JumpCloud team to answer any questions, or sign up for a Directory-as-a-Service account today see how web based LDAP authentication can benefit your organization. Your first ten users are free forever to help you discover the full functionality of our platform at no cost.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.

Recent Posts