{"id":46125,"date":"2020-05-14T09:00:00","date_gmt":"2020-05-14T15:00:00","guid":{"rendered":"https:\/\/jumpcloud.com\/?p=46125"},"modified":"2021-12-03T15:32:31","modified_gmt":"2021-12-03T20:32:31","slug":"making-ad-work-with-remote-workers","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/making-ad-work-with-remote-workers","title":{"rendered":"Making AD Work with Remote Workers"},"content":{"rendered":"\n

A world where Microsoft Active Directory (AD) thrives looks much different than the world we’re currently working in. Before, workers walked into offices lined with cubicles that each housed their own desk. On each desk typically sat a Windows® computer, and on that computer was everything an employee needed to do their job.

Now, employees use web applications and productivity suites to accomplish daily tasks, networks are wireless instead of wired, employees work on different operating systems (Windows, macOS, and Linux), and much of the world is working from home. This new way of working challenges organizations hosting Microsoft’s legacy directory service, as it struggles to manage user access to resources beyond the Windows domain.

Below, we’ll discuss key components admins need to address for enabling users as they work from home, and how they can make AD work for a remote workforce.

Remote Users Need to Access Their Work

Previously, only a small percentage of the user population was remote, so the focus on enhancing the remote user experience wasn’t necessarily there. Typically, IT admins taught the few users who worked from home how to work around issues, with the goal of getting everybody productive quickly.

Now, remote user troubleshooting no longer applies to the minority of your workforce. It’s not as simple as helping one user who works from home; entire organizations are now operating on a full-time remote model.

IT needs to efficiently enable a wide range of users with access to an even wider array of IT solutions, including legacy and web applications, cloud and on-premises servers, physical and virtual file servers, and WiFi and VPN networks — all while being remote. The challenge with AD is that it wasn’t built for cloud technology and remote working.

Managing Access to Cloud Resources

Active Directory struggles to grant user access to web applications, productivity suites, and Infrastructure-as-a-Service (IaaS) platforms like AWS®. As a result, admins enable point solutions to manage user access to non-Windows or cloud-based resources.

Maintaining numerous identity management solutions is difficult for IT teams, especially when remote. Each solution requires its own level of manual implementation and maintenance, and siloing identities between different platforms has the potential to harm the organization if not properly managed.

For example, when deprovisioning user access, IT teams have to make sure they’ve removed that user’s access to each solution. If by some chance internal IT doesn’t, a former employee could still gain access to sensitive organizational information after they’ve left the organization.

Tunneling Back to the On-Prem Domain

In addition to instantiating point solutions, organizations using legacy directory services connect users back to the on-prem domain with VPNs. While IT teams may still want to use VPNs as an added layer of security, it’s not necessary to tunnel back to an on-prem domain in the first place when many of the resources employees use live outside the domain.

Securing Machines Remotely

In addition to enabling access to IT resources, IT admins are often required through compliance guidelines or internal policies to secure the systems employees work on. This can be challenging for non-Windows systems and even for remote systems that are Windows-based and ultimately connected to AD via a VPN.

Systems are the user’s conduit to their work. IT teams need to ensure they’re locking down remote systems, regardless of provider. Doing so not only protects the users from compromised systems, but it also safeguards sensitive network information. Generally, there also needs to be some training for end users in order to make them productive and safely enable their access to IT resources.

Using The Cloud to Make AD Work With Remote Workers

There’s a lot that goes into enabling your users to work from home, and Active Directory may only solve part of that. Instead of trying to solve each remote management issue as it arises, which can be frustrating and tedious, perhaps the best approach you can take is to connect AD with a single, comprehensive solution built to accommodate the new normal.

JumpCloud Directory-as-a-Service is the first cloud directory service designed to support your users no matter where they may be, or what platform they’re working on. Using JumpCloud’s AD Integration, organizations extend AD-managed identities beyond the on-prem domain, granting user access to their resources from one location, including: