The directory services space has become far more interesting lately. With the shift to the cloud, new cloud identity and access management (CIAM) solutions are appearing left and right. One particularly powerful example of a CIAM solution is called JumpCloud® Directory-as-a-Service®. This cloud directory integrates more capabilities than just authenticating and authorizing user access. In this post, we’ll explore the cloud directory feature: cross-platform GPOs. But first, we should provide some context.
What is Group Policy in Active Directory?
Microsoft® Active Directory® (AD) has been the leader in the directory services space for almost two decades, and much of how IT admins view the space was shaped by their innovations.
AD not only authenticated and authorized user access to Windows®-based IT resources like never before, but it also introduced the concept of group-based policy management for Windows systems. This approach became known as Group Policy. Group Policy Objects (GPOs) were the instantiation of this concept.
GPOs were basically templated scripts, commands, and policies that could be executed on Windows machines. The idea behind GPOs was to give IT admins a way to remotely and centrally manage their Windows fleet with security policies, task execution, and virtual system management. Not surprisingly, IT admins loved it.
In fact, GPOs would go on to become one of the most critical and valuable components of AD. However, as the IT landscape started to shift, with more Mac® and Linux® systems making their way into the organization and more data centers moving to cloud infrastructure providers such as AWS®, Google Cloud Platform™ (GCP), and others, the traditional concept of GPOs became limiting.
Limitations of Active Directory GPOs
The trouble with Active Directory GPOs was (and still is) that IT admins wanted a way to have GPOs for Mac and Linux systems. Yet, Microsoft wasn’t completely interested in supporting competing platforms. Of course, IT admins could find third-party solutions that could be integrated with the on-prem AD instance to effectively provide GPOs for Mac and Linux, but that forced IT organizations to further build out their on-prem infrastructure and obtain more solutions.
This is almost the complete opposite of what modern IT organizations want to do. Modern IT organizations want to centralize their identity management infrastructure with one comprehensive management platform. They don’t want a decentralized approach to identity management with a series of add-on solutions that are adjunct to the on-prem directory service. They want to eliminate the majority of their on-prem identity management infrastructure in favor of more powerful cloud alternatives.
These challenges and more have caused a great deal of friction over the years. Fortunately, a new approach to cross-platform GPO-like capabilities has emerged as a result. This new cloud identity management solution, called JumpCloud Directory-as-a-Service, is a next-generation cloud directory that delivers not only authentication and authorization services, but system management capabilities across Windows, Mac, and Linux machines as well.
JumpCloud Cross-Platform GPO-Like Capabilities
JumpCloud Directory-as-a-Service is a next-generation cloud directory service that seamlessly manages and connects users to their systems, applications, files, and networks. Cross-platform group-based policies, referred to as JumpCloud Policies, are a key feature of this cloud directory.
JumpCloud Policies enable IT admins to deploy templated policies, commands, and scripts designed to manage system behaviors. The end result even has a similar feel to traditional GPOs. The key difference is that JumpCloud Policies work for cross-platform system environments, whereas AD GPOs are limited to Windows-based systems.
With the JumpCloud platform, IT admins can now centrally manage user access to IT resources, regardless of platform, provider, protocol, or location – including their fleet of cross-platform systems from the cloud. The best part is the JumpCloud platform achieves this without any on-prem infrastructure, unlike AD. In fact, you can think of the JumpCloud approach to identity management as the reimagination of Active Directory and LDAP for the cloud era.
Learn More about the Cloud Directory Feature: Cross-Platform GPOs
Check out our whiteboard presentation to learn more about JumpCloud System Policies. You can also contact JumpCloud, schedule a demo, or sign up for a Directory-as-a-Service account and explore the cloud directory feature: cross-platform GPOs today. Your first ten users are free forever to help you discover the advantages of the JumpCloud platform at no cost.
This is a Security Bloggers Network syndicated blog post authored by Vince Lujan. Read the original post at: JumpCloud