Cloud LDAP Solution

The Lightweight Directory Access Protocol (LDAP) is the core protocol leveraged for authenticating virtual user identities in IT organizations. It is the backbone of on-prem identity management solutions like OpenLDAP™ and Microsoft Active Directory® (AD). However, as more IT resources shift to the cloud, many IT organizations are looking for a cloud LDAP solution.

The good news is that a new generation of hosted LDAP solutions has emerged that has revolutionized the way IT organizations think about LDAP. It’s called Directory-as-a-Service®, but before we discuss the benefits of a cloud LDAP solution, it’s important to understand why a cloud LDAP solution is significant in modern IT.

On-Prem LDAP Solution

The origin of LDAP stretches back to 1993, when our advisor, Tim Howes, and his colleagues at The University of Michigan released their lightweight alternative to the X.500 directory service protocol. They called it LDAP, and it has since become one of the best-known methods of authenticating user identities for access to IT resources.

Two core solutions emerged from the LDAP protocol. The first, of course, was OpenLDAP, the open source implementation of the LDAP protocol. The other was from Microsoft, which combined LDAP and Kerberos to create Active Directory.

OpenLDAP has been highly successful primarily in data center implementations. However, it was Active Directory that would go on to become the most dominant Identity and Access Management (IAM) solution for users and systems to date. Nevertheless, they were both built on the foundation of LDAP.

However, the effectiveness of AD, and OpenLDAP for that matter, really comes down to two primary factors. For one, they were both optimized for the on-prem, homogeneous IT environments that existed prior to the introduction of the cloud. The other factor is that IT resources had to be directly bound to their domain.

Neither of these factors presented challenges prior to the introduction of the cloud. For example, AD was introduced when the vast majority of IT resources were still Windows-based and on-prem, so it made sense to have a management solution that was also Windows-based and on-prem.

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at:

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.
