By Vince Lujan Posted January 15, 2020
Web-based LDAP authentication is highly sought after in modern IT organizations. LDAP (Lightweight Directory Access Protocol) is the core authentication protocol leveraged by legacy identity management solutions like Microsoft® Active Directory® (AD) and OpenLDAP™. The trouble is that both solutions were designed for on-prem IT environments. As more IT resources shift to the cloud, web-based LDAP authentication simplifies LDAP for the modern era.
For organizations seeking simplicity, the LDAP-as-a-Service platform has emerged with the power to authenticate user identities to a comprehensive array of IT resources. However, before we describe the advantages of the hosted LDAP solution, let’s first outline the characteristics of traditional LDAP authentication to reveal the benefits of web-based LDAP authentication.
Characteristics of Legacy LDAP Authentication: Active Directory and OpenLDAP
LDAP was created by our advisor, Tim Howes, and his colleagues at The University of Michigan in 1993. Basic LDAP authentication was designed as a means of securing decentralized IT environments. However, it was Microsoft that introduced the concept of authenticating user access to IT resources bound to a network when they combined the LDAP and Kerberos protocols to create Active Directory in 1999.
IT networks were predominantly based on Microsoft Windows® and on-prem when AD was released. This enabled Microsoft to establish AD as the default on-prem identity management platform that helped manage access to Windows-based systems, applications, file servers, and even the network itself in most organizations.
How Changes in IT Affected AD
This approach worked well for many years. However, fundamental developments in the IT landscape started to change how IT organizations approached identity management in the mid-2000s. For example, WiFi changed network architecture, cloud infrastructure like AWS® started to replace on-prem data centers, and web applications were developed for just about any business need.
Then, when you factor in remote workers, disparate systems (e.g., Windows, Mac®, Linux®), and BYOD policies, it’s easy to understand how IT administration with legacy identity management tools designed to support homogeneous systems and on-prem infrastructure starts to break down.
The bottom line is that AD and OpenLDAP were designed for a different era of IT when everything was on-prem and management for IT resources was relatively straightforward. What is needed today is a web-based identity management solution with the power to connect to virtually any IT resource. Enter the next-generation web-based LDAP authentication solution: JumpCloud® Directory-as-a-Service®.
Web-Based LDAP Authentication with JumpCloud
JumpCloud has the power to connect users to IT resources regardless of platform, provider, protocol, or location. As such, LDAP-as-a-Service is a core aspect of the JumpCloud platform. Cloud LDAP enables IT admins to leverage the benefits of LDAP authentication without the heavy lifting of procuring, implementing, and maintaining an LDAP solution on-prem. Instead, IT admins simply pay for what they use and JumpCloud takes care of the rest.
Learn More About Hosted LDAP Authentication
LDAP has traditionally served as the foundational protocol for authenticating users to a wide array of IT resources on-prem. Directory-as-a-Service provides web-based LDAP authentication to help IT organizations achieve their cloud-forward goals. The difference is that organizations can leverage the benefits of LDAP-as-a-Service without the headache of procuring, implementing, and maintaining LDAP infrastructure on-prem.
If you’re interested in a JumpCloud LDAP authentication tutorial, watch the following whiteboard presentation.
Contact the JumpCloud team with any questions, or sign up for a Directory-as-a-Service account today to see how web-based LDAP authentication can benefit your organization. Your first ten users are free forever.