What Is LDAP-as-a-Service?

By Vince Lujan Posted March 20, 2019

What is LDAP-as-a-Service? The term LDAP-as-a-Service describes a subset of identity management solutions that offer LDAP functionality as a cloud-based service, rather than a traditional on-prem implementation.

So, what is LDAP? LDAP is an authentication protocol and, effectively, an implementation of directory services that has been used to securely manage users and connect them to a variety of IT resources that leverage LDAP for authentication. However, the challenge has been that traditional LDAP implementations require significant investment in on-prem hardware, integrations, and maintenance.

Of course, this is where an LDAP-as-a-Service solution can be useful.

LDAP Synopsis

The Lightweight Directory Access Protocol (LDAP) has been a core authentication protocol in the IT space for many years now. LDAP was created in 1992 at the University of Michigan, and was the brainchild of Tim Howes (our advisor and friend) and his colleagues.

Originally developed for use with on-prem networks of legacy systems and servers, LDAP has since become one of the internet standards for authentication and has inspired the creation of powerful LDAP-based directory services platforms. Even next generation cloud directories continue to leverage the LDAP protocol and directory implementations for inspiration and authentication services. In fact, cloud directories often provide LDAP functionality as part of a comprehensive cloud-based service.

Prior to the notion of LDAP-as-a-Service, the directory implementation of LDAP and the LDAP authentication protocol were on-prem solutions that required heavy investment in on-prem identity management infrastructure and its administration. IT organizations were obligated to employ a series of on-prem servers, integrations, and administrators to maintain the LDAP infrastructure. Then, as IT resources shifted to the cloud and began to leverage other authentication protocols such as SAML, RADIUS, and SSH, traditional LDAP implementations began to struggle.

In an attempt to mitigate this struggle, admins found that patching their traditional identity provider with identity federation services such as web application single sign-on (SSO) could ease some of the burden on the LDAP directory. However, the greatest challenge facing traditional LDAP implementations (or benefit, depending on your perspective) is that next-generation LDAP-as-a-Service solutions have emerged to replace them. The JumpCloud® Directory-as-a-Service® platform is a great example.

LDAP Reborn

JumpCloud Directory-as-a-Service is a next generation identity provider that includes LDAP functionality as a core part of the platform. This enables JumpCloud administrators to take advantage of the benefits of traditional LDAP implementations, without the hassle of setting it all up and keeping the motor running. The JumpCloud platform takes LDAP-as-a-Service to the next level by also offering authentication services for virtually any IT resource, including cross-platform system environments, web and on-prem applications, third-party storage solutions, and networks spanning multiple locations. As a result, IT organizations can centralize identity and access management services throughout the network, and leverage core user identities to connect users to IT resources via LDAP, SAML, RADIUS, SSH, Samba, and more.

Contact JumpCloud to learn more about LDAP-as-a-Service with the Directory-as-a-Service platform. Sign up for a free account and demo our LDAP functionality for yourself. We offer 10 users free forever to help get you started.

Vince Lujan

Vince is a writer and videographer at JumpCloud. Originally from a small village just outside of Albuquerque, he now calls Boulder home. When Vince is not developing content for JumpCloud, he can usually be found doing creek stuff.
