A domain describes a collection of users, systems, applications, networks, database servers, and any other resources that are administered with a common set of rules. Generally, a domain also encompasses a physical space like an office or multiple offices. If you are within the domain you are in a theoretically safe space and trusted. If outside, you are untrusted, so the domain would effectively be your castle with a moat around it.
A domain controller is a server (most commonly Microsoft Active Directory) that manages network and identity security, effectively acting as the gatekeeper for user authentication and authorization to IT resources within the domain. Domain controllers are particularly relevant in Microsoft directory services terminology, and function as the primary mode for authenticating Windows user identities to Windows-based systems, applications, file servers, and networks.
The popularity of Windows systems for enterprise solutions established the domain controller as a common term when discussing networking architecture. However, recent trends have antiquated their use — especially for non-Windows systems. Domain controllers as they exist today are expected to become obsolete in the near future as an increasing number of organizations seek alternative cloud identity and access management (IAM) solutions. In fact, there is a movement called the Domainless Enterprise which is leveraging the trends towards use of primarily cloud-based infrastructure and expansion of remote work to build the next generation IT infrastructure.
But before we can move to the next generation, we have to have a solid foundation on what came before it, so as to learn from our successes (and failures) and understand why we need to do things differently today.
Intro to Domain Controllers
The concept of the domain controller was first introduced by Microsoft in relation to the Windows NT networks of old. IT admins needed a way to control access to resources within a domain – essentially an organization’s users and IT resources. The domain controller was established for precisely this reason. In this environment, all user requests are sent to the domain controller for authentication and authorization. The domain controller then authenticates the user identity, typically by validating a username and password, then authorizes requests for access accordingly.
In the days when everything was on-prem, it made sense to have a physical computer dedicated to administering user identities and validating requests for access. They were so effective that domain controllers were later adapted as a fundamental element of Active Directory® services. Fast forward a few years and they still play a critical role for a lot of organizations. You can find them lurking in the server room for most organizations that are still locked into AD. In fact many IT organizations and admins would not build their IT infrastructure without one.
While domain controllers are still very relevant to the modern enterprise, they represent the old way of doing things. It’s like having a gasoline engine in your car — it’s the primary way most people get around today, but everyone knows the future is electric. The cloud is analogous to what the electric motor is doing to the modern automobile. Before long, all IT infrastructure will be in the cloud. And, as we all know the shift to the cloud is accelerating everyday.
Domain Controllers of Tomorrow
So if domain controllers are such a critical component today, you may be asking how they can be replaced tomorrow. Enter in JumpCloud Directory Platform, the first outright cloud directory service. A cloud directory service eliminates the need for an on-prem domain controller by shifting user authentication and authorization to the cloud. All of the secure identity validation still occurs, so the only difference is that you don’t have the server in your own rack. In fact, a wireless access point is typically the only on-prem component you will ever need to leverage our service.
A cloud directory service provides lightspeed authentication and management capabilities from anywhere with an internet connection instead of everything being on-prem. In effect, a cloud directory service is the modern domain controller for the cloud with the power to authenticate user identities and authorize access to resources, regardless of platform, wherever they may be. Top that with foundational security principles – Zero Trust – and the way of the future is not only the cloud, but a modern cloud directory platform to serve as your “virtual domain controller”.
If you would like to learn more about the future of domain controllers and why the Domainless Enterprise may be the future approach for your organization, drop us a note. Alternatively, sign-up for a JumpCloud Free account and see what a true cloud directory platform could be for you. Your first 10 users and 10 systems are free and you can leverage our 24×7 premium in-app chat support for the first 10 days as well.
- “What Is a Domain? – Definition from Techopedia.” Techopedia.com, <www.techopedia.com/definition/1326/domain-networking>