The on-prem directory service has been a staple in virtually every organization for a number of years. In fact, Microsoft® Active Directory® – the legacy identity provider – may have more market share in its area than any other Microsoft solution. There have been alternatives though, with OpenLDAP™ being one of the most popular open source directory services solutions. However, the number of OpenLDAP users still pales in comparison to AD’s usage. But the adoption of AD is beginning to trend down, and it’s because of the cloud. As the identity provider shifts to the cloud, can IT organizations leverage a cloud directory that features LDAP-as-a-Service instead of their on-prem counterpart?
The answer is yes. But first, let’s walk through some history, and then we’ll take a look at why you should consider leaving your on-prem OpenLDAP instance.
The Creation of LDAP
The LDAP protocol was created by our advisor, Tim Howes, and his colleagues at the University of Michigan. The boom of the internet and the growing use of desktop computers created a need for an optimized version of X.500, the directory services protocol at the time. X.500 was too complex to be properly supported by desktop computers and the internet, so Tim Howes and his colleagues developed a lightweight version now known as the Lightweight Directory Access Protocol (LDAP). LDAP worked so well that it prompted the creation of the two most popular directory services solutions, Active Directory and OpenLDAP. Each one had its own use cases, with AD being best for Windows networks and OpenLDAP used for more technical, Unix- or Linux-based applications and systems.
The Pros and Cons of OpenLDAP
The benefit of the open source directory service, OpenLDAP, is that it is flexible and IT admins and developers can customize it to their needs via custom schemas. Most organizations have implemented it on-prem and end up managing it internally with their own IT resources. However, the advantages of OpenLDAP are also its downfall. For example, increased flexibility can be more difficult to manage. Often, organizations (Read more...)
*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Natalie Bluhm. Read the original post at: https://jumpcloud.com/blog/cloud-directory-feature-ldap-service/