Can you manage on-prem Samba file server access from the cloud? This is a question that many IT admins are asking as they look to shift more of their infrastructure off premises. As IT transitions to cloud infrastructure, they often find themselves in a hybrid state with some resources in the cloud and others on-prem like Samba and NAS file servers.
In this hybrid setup, the right IT management tools can make a huge difference. Many helpful IT management tools have taken to a cloud, SaaS based model, but unfortunately, the identity management sector has been slow to follow. While first generation IDaaS platforms – essentially web application single sign-on solutions – have existed in the cloud for many years, the core identity provider has not. This has made it challenging to properly manage and secure Samba file server access (along with many other elements of modern, hybrid IT infrastructure).
So let’s take a look at why the identity management sector has been slow to adopt the cloud.
On-Prem IAM wasn’t Built for the Cloud
The reasons for the directory service to remain on-prem have largely been tied to legacy infrastructure. Historically, the core identity management platform for an organization has been Microsoft Active Directory® (AD). AD was designed in the late 1990s when the cloud wasn’t around and the model was for IT resources to directly connect to AD. This is why remote users require access to a VPN in order to directly connect to the AD server.
Of course, if an organization is using AD or another on-prem identity provider such as OpenLDAP, it makes sense that you can connect your Samba file server to it. But organizations have many different reasons for wanting to avoid these on-prem platforms – cost and compatibility being foremost among them. As IT organizations shift their IT management infrastructure to the cloud (including their identity provider), providing authentication services for on-prem resources such as Samba file servers needs to be a part of the plan.
Cloud IAM didn’t Include On-Prem Resources
Unfortunately, most cloud identity management platforms up to this point have ignored file servers. Instead, first generation cloud IAM platforms focused on identities for web applications. This left cloud-forward organizations with limited options for centrally managing their on-prem resources such as systems (Windows, Mac, and Linux), file servers (Samba and NAS), and WiFi networks. Usually that meant authenticating one set of resources through a legacy identity management platform and another set of resources through the cloud. Of course, this isn’t very efficient and it defeats the purpose of moving to the cloud.
What IT organizations are really looking for is a holistic cloud identity provider to manage authentication to on-prem and cloud resources including Samba file servers. A new generation of cloud identity and access management called Directory-as-a-Service (DaaS) is doing exactly that.
Manage Samba File Server Access from the Cloud with DaaS
Through the hosted LDAP-as-a-Service function of Directory-as-a-Service, IT admins can manage Samba file server access from the cloud. IT admins simply populate their users into the cloud directory and then enable access to the file server. In addition to file server access, the core identity can be leveraged for access to Mac, Linux, and Windows systems, web-based and on-prem applications, data, and wired and WiFi networks. IT can take advantage of the cloud, keep their NAS file servers, and centralize their identity management.
For more information on how you can manage on-prem Samba file server access from the cloud, we hope you’ll drop us a note. You can also find out more about our LDAP-as-a-Service by watching the whiteboard video below or by signing up for a free account. You’ll be able to test all of our features, and your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud