Web application single sign-on (SSO) solutions are abundant in the enterprise today. Cloud applications are helping organizations work faster and more efficiently, so SSO vendors such as OneLogin® are helping to connect users to the rest of their infrastructure. As a result of SSO vendors’ growing popularity, many IT organizations are beginning to wonder if they can do more with their SSO solution. On a related note, one of the largest struggles of the modern IT environment is dealing with the challenges of Active Directory® (AD). It is clear a new solution is needed. Can a single sign-on platform do more than just provide access to web apps? Specifically, can you replace AD with OneLogin or some other SSO vendor?
The Rise of Application SSO Vendors
Applications have been in the cloud for a while now, but there are still new areas of IT infrastructure moving to the cloud. Servers, productivity platforms, file storage, and now even the directory is moving to the cloud. It makes sense that IT admins are trying to shift their setup completely to the cloud. The benefits and productivity the cloud offers are second to none. Unfortunately, most medium and large organizations still manage and maintain their identity management infrastructure on-prem. The core of most companies’ Identity and Access Management (IAM) approach is Microsoft® Active Directory, their on-prem identity provider.
IT admins have long been tied to AD because of the prevalence of Windows-based and on-prem infrastructure. Active Directory was designed to function in that environment, and for a while it thrived in the enterprise. But as we all know, things rarely stay the same for long in technology. One of the first IT resources to make the move away from the on-prem enterprise was applications. These cloud-based apps created a problem for AD because it couldn’t connect users to their web-based applications. This is how and when SSO vendors rose to prominence. By finding a way to connect AD identities to web applications, SSO vendors filled a big gap in AD’s capabilities.
Of course, the changes in the IT landscape didn’t stop there. Cloud infrastructure from AWS and others replaced on-prem data centers. Mac and Linux systems soared in popularity. Samba file servers and NAS appliances eliminated the need for Windows file servers. These changes, and many others, are driving IT admins away from Active Directory.
Can You Replace AD with OneLogin?
With IT admins starting to move away from AD, a logical question that arises is whether or not their web app SSO solution can replace Active Directory. Unfortunately, you can’t replace AD with OneLogin or other web app SSO solutions. OneLogin doesn’t feature the full suite functionality that IT admins have come to expect from a directory, such as robust system management. Rather, in most cases, it operates as an adjunct to AD or another authoritative directory.
Can You Replace AD with a Cloud Directory Service?
A cloud-based directory service can include SSO functionality but it is not the same thing as web app SSO. Even though they both play in the IAM field, the two categories are actually quite different. In fact, a modern approach to the on-premises identity provider does exist, and it goes by the name of JumpCloud® Directory-as-a-Service®.
This cloud-based directory is connecting hundreds of IT admins to all of the resources they need today, regardless of the platform, protocol, location, or provider. Now, admins can manage and connect user accounts to systems (Mac, Windows, Linux), web and on-prem applications (via SAML, LDAP), cloud and local servers (AWS, GCE/GCP), physical and virtual storage (Samba, NAS devices, Box), and WiFi and wired networks (via RADIUS). With one identity, your users can access all of the IT resources they need. Not only can JumpCloud Directory-as-a-Service function as a True Single Sign-On™ provider, but it also eliminates the need for and on-prem Active Directory deployment. Because the centralized JumpCloud cloud directory includes robust system management capabilities, it actually can function as a complete alternative to Active Directory.
Replace AD with JumpCloud
Unfortunately, you can’t completely replace AD with OneLogin or any other SSO vendor. JumpCloud Directory-as-a-Service however, was built just for that. Check it out by signing up for a free account. There you can test any aspect of the platform and see exactly how the JumpCloud cloud-based directory operates as an AD alternative. If you want to see a live demo, you can also sign up for a demo here. If you have any questions, feel free to contact us. We would be happy to help in any way we can. Check out the directory service built for modern IT today!
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud