By Ryan Squires Posted December 20, 2018
With Apple®’s changes to their enterprise macOS® server approach, many IT admins are wondering what Apple Open Directory (OD) actually is and whether it will be around in the future should they choose to deploy it. The answer to the first question is this: Apple Open Directory is Apple’s answer to Microsoft® Active Directory® (MAD or AD), and it is a variant of the open source identity provider, OpenLDAP™. Second, whether OD is available in the future is a compelling question, but you must also consider whether or not it is a good fit for your organization.
From Apple Open Directory to Consumer Devices
Apple tuned Open Directory to work closely and seamlessly with the Apple Mac® OS X® platform, and it worked well for a lot of organizations. Further, the on-prem platform Open Directory had been enhanced significantly to function much more closely to Active Directory by updating it to include the concept of domains and some single sign-on (SSO) capabilities. For some time, Mac OS X Server even provided support for Linux® and Windows® endpoints by way of utilizing open source protocols like Kerberos and OpenLDAP. Unfortunately, Apple largely left the server game though and decided to focus its energies on more consumer-oriented products like iPods® and iPhones® and their desktop/laptop operating system, macOS.
Made for Apple
Nowadays, when you search Apple documentation for the capabilities of macOS server, it is apparent that macOS Server is a product designed to primarily manage macOS and iOS devices. No longer will you find information about support for Linux and Windows, which brings Apple Open Directory much more in line with how Active Directory (AD) functions today, which is generally a tool for Windows systems. Because it is focused primarily on Windows, AD requires a fair amount of add-ons and workarounds to work within the constructs of the modern IT environment. That means more integration work for IT admins. Akin to the situation with AD, because of macOS Server’s aim to provide what essentially equates to primarily Apple device management, it is not a viable solution for organizations leveraging multiple platforms.
These are not the only radical changes to Apple’s server software. Apple recently announced that with macOS Server 5.7.1, many services would be deprecated. For example, Apple is dropping support for its Mail Server, RADIUS protocol, and far more than that to mention here. At that top of that document, Apple makes it clear that the impetus for these changes stems from the fact that hosted services are on the rise. For example, why would Apple continue to support its Mail Server when companies are flocking to G Suite™ and Office 365™ in droves?
What Happens Next?
All of these changes are forcing Apple-focused IT admins to pause. With much of Apple’s server functionality falling off, Mac admins are weary of the add-on reality that Windows-focused IT admins have to deal with. If Apple-focused IT admins were to continue using Apple Open Directory while leveraging modern systems, applications, file servers, and networks, they would have to utilize a vast array of workarounds and add-ons to enable their users to connect to their IT resources with ease and security. Further, with all of the functionality falling away from macOS Server, many are right to wonder if the entire platform will be supported in the near future. So, IT admins in this situation are starting to look for more of the hosted solutions Apple speaks of in its support documentation, and when they do, they begin to find JumpCloud® Directory-as-a-Service®.
A True Open Directory Emerges
Because the majority of organizations are not homogeneous computing environments, Directory-as-a-Service is appealing because as a third-party, neutral product it can enable user access to virtually any resource a user needs. That access includes systems (Mac, Linux, and Windows), web apps (Salesforce®, Slack, GitHub), cloud-based infrastructure (AWS®, Azure®, Digital Ocean), file servers in the cloud and on-prem (Box™, G Drive™, NAS/Samba devices), networks through the RADIUS protocol, productivity suites including G Suite and Office 365, and many more with a single set of credentials. No more password fatigue and identity silos for your users, just one identity for virtually every IT resource they need via True Single Sign-On™.
Not A JumpCloud Customer?
Instead of wondering “What is Apple Open Directory?”, consider a directory services solution that enables access to the full breadth of IT resources in your environment. If you’re ready to try the next generation of directory services, give JumpCloud Directory-as-a-Service a try for free today by signing up for a free account. With a free JumpCloud account you’ll be able to manage 10 users free, forever. If you need to manage more than that, give our pricing page a visit. You can learn more about JumpCloud by visiting our blog, Knowledge Base, and YouTube channel for additional information.