By Ryan Squires Posted February 20, 2019
The question of what OpenLDAP™ is has a number of different answers. Of course, the factual, historical context of OpenLDAP can easily be found on Wikipedia. The answer we’re looking for is more practical in nature, however. What we’re after are the more interesting aspects of that question. Specifically, what does OpenLDAP enable IT organizations to do, and when is LDAP most useful?
What is LDAP’s History?
OpenLDAP built on the success of the LDAP protocol, which was created by Tim Howes and his colleagues at the University of Michigan. In fact, LDAP was so popular that it became the internet’s standard authentication protocol in the late 90s and early 2000s. That popularity drove OpenLDAP to become the most widely used instantiation of the LDAP server available, despite the recent announcement from Red Hat and SUSE that they will discontinue including OpenLDAP in their products. Instead, Red Hat and SUSE will shift from OpenLDAP to the 389 Directory Server, which Red Hat owns. The reason for this move is simple: Red Hat will charge for technical support. Regardless, LDAP remains an incredibly important authentication protocol for many organizations.
How is OpenLDAP Used for Identity Management?
Many of the organizations that require OpenLDAP need it for mostly technical solutions. That includes Linux® servers and Linux-based applications. For that reason, historically, OpenLDAP has been favored by the ops crowd and those who are generally in favor of open source solutions. From that open source nature springs OpenLDAP’s incredible flexibility, which is a function of its design. Due to its flexibility, IT and DevOps engineers are free to use it in a variety of ways.
What we will focus on is OpenLDAP’s usage as an identity provider (IdP). It has been widely implemented within data centers for access to technical solutions. But when you throw Windows® machines into the mix, organizations generally favor using Microsoft® Active Directory® to authenticate and manage their Windows-based systems and applications. The reason is that Microsoft specifically tuned these two resources to work together. The end result, however, is that an organization will often run multiple directory services solutions, which increases the workload of IT admins and DevOps engineers and the complexity of their environments.
Is There Hosted OpenLDAP?
The good news is that more recently, a next-generation implementation of OpenLDAP has emerged to take the heavy lifting out of building and maintaining an on-prem OpenLDAP infrastructure. Called JumpCloud® Directory-as-a-Service®, this cloud-based directory integrates hosted OpenLDAP along with functions such as SSH key management to become an organization’s central identity provider, thereby eliminating the need for OpenLDAP, 389 Directory, and/or Active Directory on-prem. Ultimately, the increasingly complex workloads that IT admins and DevOps engineers found themselves mired in are now mitigated by the third-party team of experts at JumpCloud. As a result, IT admins and DevOps engineers can simply pay for OpenLDAP functionality on a per-user basis, scale accordingly, and leave the configuration and maintenance to JumpCloud.
Learn More About Cloud OpenLDAP and JumpCloud
While there are a variety of ways to answer the question of what OpenLDAP is, usage is the key. If you want to get started utilizing a cloud OpenLDAP service today, sign up for a free JumpCloud account. With it, you can manage up to 10 users for free. While you’re testing out OpenLDAP, be sure to evaluate our RADIUS, SAML, and system management features as well. If you have questions, be sure to contact us, schedule a demo, or visit the Knowledge Base.