Back in the early 1990s, our advisor Tim Howes and his colleagues at the University of Michigan created the LDAP protocol. This creation was a seminal event in the history of identity management, and marked the beginning of the era of directory services that has continued to this day. Now, however, after over two decades, there is a new generation of directory services emerging with a virtual OpenLDAP platform.
Why is There a Need for a Virtual OpenLDAP?
The creation of LDAP was crucial in the identity management world. At the time, controlling users and their access was an incredibly heavyweight process that required leveraging the X.500 specifications and protocols. As personal computers were emerging, Howes and his team realized that there needed to be a better way to control access to these machines.
This need is what inspired their creation of LDAP. Eventually, the LDAP protocol would go on to inspire two significant directory services solutions that we still see today, OpenLDAP™ and Microsoft Active Directory®. Both were beneficial in their own way and would become dominant in the open source and commercial areas of the identity and access management landscape.
OpenLDAP went on to be the popular open source solution for controlling access to more technical solutions, like Linux-based systems and applications. The challenge with OpenLDAP, though, has always been that it is complex to set up and manage. As an open source solution, OpenLDAP relies on a high caliber of technical expertise to manage and run. This means that you need a highly trained admin on staff to even consider OpenLDAP an option. On top of that, OpenLDAP requires the admin to ensure that the system is highly available and secure. This can mean additional infrastructure for redundancy, and a greater workload to verify security. Perhaps the most significant issue, though, is connecting systems and applications to OpenLDAP, as there is often a plethora of configurations to understand and tweak. If this setup isn’t handled correctly, it can drastically impact the functionality and end user experience of your network.
OpenLDAP Without the Management and Maintenance
Many IT organizations want the benefits that an OpenLDAP server can provide, but often shy away from that route to avoid the challenges. Fortunately, as mentioned, there is a new generation of directory services that essentially acts as a virtual OpenLDAP platform. This platform, called Directory-as-a-Service®, is emerging to solve a number of the issues prevalent with the previous generation of directory services solutions and provide turnkey, as-a-service directory services for IT organizations. This cloud identity management platform securely manages and connects user identities to the IT resources they need, regardless of platform, protocol, provider, or location. A key part of the functionality of this modern IDaaS platform is LDAP-as-a-Service, otherwise known as virtual OpenLDAP.
The benefit of JumpCloud’s virtual OpenLDAP service is that the platform is managed for IT admins. They simply connect their application to a cloud OpenLDAP endpoint, and load their users into the cloud directory. Authentication then happens seamlessly via LDAP. There is no equipment to manage, software to update, or infrastructure to secure. IT admins get LDAP-as-a-Service without the heavy lifting.
Try JumpCloud’s Virtual OpenLDAP Offering
If you would like to learn more about how you can leverage an OpenLDAP service, reach out to us. We would be happy to answer any questions that you may have on the matter. You can also watch the video included above, where JumpCloud’s CPO Greg Keller offers a detailed description of how it works. Alternatively, you can sign up for a free IDaaS account and check out our cloud directory for yourself. Your first 10 users are free forever, with no credit card required, so there’s no reason not to give it a shot.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud