By Greg Keller Posted February 21, 2017
Directory services are a core part of the fabric of an organization. They are arguably the most important component in an IT infrastructure outside of perhaps the physical network itself.
So what does a directory service do?
Directory services connect users to the IT resources they need to access. Think of the service as a matrix with users down the left hand side and all of the IT resources within an organization across the top. Each “cell” would be whether the user has access to the resource or not.
Thinking about directory services as a table isn’t necessarily a bad way to conceptualize what they do for an organization. In practice, it is much more complicated because not all users or IT resources are created equal. On the user side, there are employees, contractors, temporary users, and service accounts among other types of ‘users’. On the IT resource side, not all resources are accessible via the same mechanisms. Some IT resources use LDAP, others SAML, some RADIUS, and others yet numerous other authentication protocols.
Tying users to what they need can be complex due to the different needs and requirements.
As Business Evolves, So Must Directory Services
Historically, directory services were able to be somewhat simplistic because networks were largely homogeneous. For instance, LDAP would only connect to devices and applications that supported the LDAP protocol. These were generally more technical, *nix style resources. Windows devices and applications were largely controlled by Microsoft Active Directory®.
The trouble with these approaches in modern organization is that networks are heterogenous now. In addition to leveraging multiple platforms, IT organizations are leveraging resources all over the globe. The simple, rigid directory services of the past no longer cut it.
Cloud-based Directory Services
The modern directory service take a different approach. Flexibility, agility, and ubiquity are all hallmarks of modern directory services. Modern day directory services are known as Directory-as-a-Service®.
Key characteristics of the Directory-as-a-Service approach include:
- Delivered as a cloud-based service – modern directory solutions are delivered from the cloud because they need to connect various cloud applications and infrastructure components together with users who are potentially all around the world. Internal locations for an organization are viewed as another cloud to integrate for SaaS-based directory services solutions.
- Platform and location agnostic – the world has changed. Microsoft no longer dominates the modern organization. So IT admins need to support Mac and Linux, in addition to Windows, while also supporting cloud-based infrastructure and applications. That means a variety of different authentication protocols.
- Simple, but powerful – IT admins are busy. Spending significant amounts of time on directory services is not in their job description. So easy-to-use and implement solutions are paramount. Modern directory services can’t be dumbed down, but they do have to make it easy to do what you need to do, without the heavy lifting.
- Secure – identities are one of the most sought after digital assets inside of an organization. Directory-as-a-Service is not only focused on connecting users to the IT resources they need, but also doing so securely.
A directory service is a critical component of any organization. Knowing and controlling who has access to what resources is paramount not only for productivity, but for security as well. Learn more about modern directory services by searching for more information about Directory-as-a-Service.