OpenLDAP™ is one of the top two on-prem directory services available today. As an open source solution, one of the main draws for OpenLDAP is that it is extremely flexible. This has always been a benefit for IT admins and DevOps engineers who choose to go that route, but the challenge with the open source path is the technical complexity inherent in managing OpenLDAP. Fortunately, a SaaS OpenLDAP platform is helping to solve these challenges.
LDAP has been around for years, and is still used in many areas of IT today. It’s important to understand its beginnings in order to grasp why it is where it is today. The LDAP protocol was created by our advisor, Tim Howes, and his colleagues at the University of Michigan. This protocol went on to spawn two of the most popular directory solutions out there, namely OpenLDAP and Microsoft® Active Directory®. OpenLDAP, as mentioned, was the most popular open source solution, and Microsoft AD was the most popular commercial option. Each identity provider was useful in a different way, and both have largely shaped the identity management space.
For Active Directory, the main focus was on Windows systems and applications that were located on-prem. Because the office used to be largely Microsoft-based and on-prem, this meant nearly everything. From computers to printers to data storage and more, infrastructure was built for Microsoft and managed by Active Directory.
In the case of OpenLDAP, the main focus was Linux-based systems and applications, often more technical solutions. The flexible nature of the open source option let admins control resources that AD couldn't cover, and granted them more control as well. But the innovations of modern IT soon changed the status quo for both OpenLDAP and AD.
Adapting to the Modern IT Environment
These identity providers were excellent initially, but as the IT landscape changed they both became more challenging for IT organizations to leverage. The 100% Windows network started to morph into a heterogeneous environment with macOS and Linux machines, complicating the all-Microsoft method that AD required and adding more variables to the OpenLDAP setup. The on-prem data center shifted to cloud providers such as AWS, Google Cloud Platform, Azure, and more, further complicating AD and its on-prem requirement. On top of that, web applications became extremely popular and pushed IT still further from the conventional model. All of these changes make it more difficult for OpenLDAP and AD to work well in the modern IT environment.
A new approach to identity management is emerging to address these challenges. A cloud identity management solution called Directory-as-a-Service® is delivering a variety of critical IAM functionalities including SaaS OpenLDAP capabilities, True Single Sign-On™, cloud RADIUS, system management, Samba and NAS appliance authentication, MFA, and much more.
Using SaaS OpenLDAP
To use the SaaS OpenLDAP solution, IT admins and DevOps engineers simply need to point their applications that rely on LDAP to the virtual LDAP solution. There is no need for installing, configuring, or managing the OpenLDAP infrastructure. IT organizations simply load their users into the cloud directory service, and leverage the identity management capabilities they need.
If you would like to learn more about the cloud-based directory’s SaaS OpenLDAP capabilities, reach out to us. We would be happy to answer any questions that you might have about employing the tool. Alternatively, you can also try out the SaaS OpenLDAP tool for yourself by signing up for a free Directory-as-a-Service account. Your first 10 users are free forever, with no credit card required, so there’s no reason not to give it a shot. Sign up today!
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud