Apple’s Open Directory platform had been commonly used for system management at organizations with Macs. But, Apple seems to be indicating that the end of life of Open Directory is near and it’s likely that identity management isn’t part of Apple’s plans for the future. As a result, Open Directory shouldn’t be part of your future plans either, which is why IT organizations are wondering if they can find an outsourced Open Directory or another alternative to Apple’s likely decommissioned directory solution.
Needing a Replacement for Open Directory
Open Directory has long been a favorite of Mac admins. Built upon the open source OpenLDAP™ solution, Apple customized it and made Open Directory more tightly aligned to the Mac platform. Apple even embedded components that would make it more Microsoft Active Directory®-like, with support for domains and Kerberos. This was all designed to set Apple up to compete with Microsoft in the enterprise. However, it seems that Apple has stopped pushing towards that goal as of late.
As Apple has shifted their focus away from the enterprise market, one of the casualties of that decision has been the OS X Server, which is now called the macOS Server. The macOS Server used to be delivered on a hardware appliance, but Apple has now shifted to just delivering the solution as a $20 piece of software. Apple appears to be content to gradually step away from the enterprise server software and hardware market.
As a result, IT organizations that are leveraging Open Directory will likely be looking for a replacement solution soon. That solution could be an outsourced Open Directory platform provider, but more likely it will come in the form of a third party identity provider.
A More Modern Identity Provider
Microsoft Active Directory is often considered to be the leading legacy on-prem directory service, but, as Mac admins know, connecting Macs to AD is a struggle. OpenLDAP is a potential alternative to Open Directory as well, but that too lacks in its ability to seamlessly integrate with Mac devices. The challenges do not end there either. IT admins must also deal with the changing IT environment, where the goal is often to shift IT infrastructure to the cloud and not have more IT resources on-prem.
Fortunately, a new solution is emerging that can act similarly to an outsourced Open Directory solution – Directory-as-a-Service®. A core component of this modern, next generation cloud directory service is tight integration with Mac systems. With the cloud-based directory, IT admins can not only manage users, but also Mac devices. This is done through Policies and Commands, which are similar to AD’s use of GPOs for Windows machines.
In addition, Directory-as-a-Service is delivered as a SaaS-based solution from the cloud for on-prem, cloud, and remote users and IT resources. As a cloud directory, this platform can also support LDAP authentication, SSO via SAML, WiFi authentication via RADIUS, and all three major OS platforms – Windows, Mac, and Linux are supported. With this setup, not only do you no longer need to worry about managing the Macs in your environment, you get the rest of your IT infrastructure covered as well.
Better than Outsourced Open Directory
If you would like to learn more about the outsourced Open Directory like features of JumpCloud’s Directory-as-a-Service, make sure that you give us a call. We would be more than happy to answer any questions that you might have, and can get a demo set up as well. Alternatively, if you would like to take the platform for a spin yourself, you can do that by signing up for a free account. We offer 10 users free forever, with no credit card needed to sign up, so you have every incentive to give JumpCloud a try.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud