What’s Better than Active Directory?

IT admins have been using Microsoft® Active Directory® (AD) for almost two decades now. In fact, it is one of the most widely used directory services platforms on a market share basis. Yet, as the world shifts to the cloud, IT admins can’t help but wonder, “What’s better than Active Directory?

It’s a great question, which deserves some background to understand how and why AD became such a dominant identity management platform. Let’s dive in!

The Origin of Identity Management

old office

The story of identity management actually begins before AD was introduced. It began when Tim Howes and his colleagues at the University of Michigan kicked off the modern era of identity and access management (IAM) with the advent of the LDAP protocol.

LDAP led to a number of innovations in the space, including the identity providers: OpenLDAP and Active Directory. AD quickly became a hit because it was tightly integrated with the Windows operating system and worked on-prem. The world in the early 2000s was virtually all Windows and the entire IT infrastructure was located close at hand or was just a VPN away. The result was that IT organizations adopted AD in droves.

Active Directory also had some significant capabilities that helped it to be successful including user and system management capabilities. As long as you were connecting users to Windows systems and resources, you effectively had a single sign-on platform. The user would login to their machine, while connected to the network, and then have access to anything that they needed. IT organizations also benefited with control over Windows systems via Group Policy Objects (GPOs).

With that in mind, it is easy to see why AD was so popular and useful, and why this approach to identity management worked for a number of years. But then, the IT infrastructure started to change and morph.

The Changing of the Guard


Mac® and Linux® machines started to infiltrate the once Windows dominated desktop and laptop market in the mid-2000s. Applications shifted to the web shortly thereafter. Server infrastructure started to be delivered (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/whats-better-than-active-directory/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 170 posts and counting.See all posts by vince-lujan