With 91% of enterprise organizations using Macs (Jamf), many IT admins can’t help but ask, can I integrate Macs with Active Directory?
Actually, yes. It is possible to integrate Macs with Active Directory, and there are a few methods for doing so. Past solutions have involved implementing a directory extension, or manually managing the Mac systems in an environment, but these approaches are costly and inefficient. This new approach is a cloud identity bridge that federates AD-bound identities to your Mac systems. You don’t have to worry about adding new infrastructure to deploy and manage, and you leverage your existing Active Directory instance.
Of course, many organizations are considering moving off of Active Directory altogether. For them – and for companies that don’t yet have a directory – getting a fresh started with a unified cloud directory is often the best approach.
In either case, it is in IT’s best interest to gain control over Macs in their environment. But first, let’s take a look at why organizations are in this predicament to begin with.
How Unmanaged Macs became a Reality
In the 1990’s, Tim Howes created LDAP, a lightweight protocol used to authenticate users to resources. In the spirit of LDAP, Microsoft built Active Directory®, a directory service that helps IT admins manage users and resources in their environment. Group Policy Objects (GPO’s) was one of Active Directory’s features that provided IT with optimized control over the systems in their environment. GPO’s made it possible for IT to remotely and securely control Windows systems and it worked great as long as IT organizations used Microsoft resources.
In the mid 2000’s, the workplace started seeing an increase in Mac and Linux use. Microsoft wasn’t too excited about these new non-Windows systems taking over their monopoly, so they made it challenging to integrate Mac and Linux systems with AD. Directory extensions and manual management surfaced as two approaches some IT admins took to managing Macs in their environment. Many have opted for no management at all due to the cost and time sink that came with both (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/can-integrate-macs-active-directory/