Are there viable, open source identity management solutions for IT organizations? Many IT admins are familiar with the usual open source IAM solutions such as OpenLDAP™, Samba, and FreeIPA, to name a few, but are there others that could be helpful? Let’s take a quick look at the identity management space to find out.
Traditional Identity Management
Microsoft® Active Directory® (AD) has been the most successful identity management solution (on a market share basis) for almost two decades. AD is an on-prem directory services platform designed to manage Windows® user identities and their systems. Naturally, AD is effectively the only identity management tool necessary to manage Windows-based IT networks.
The challenge with AD has always been that Microsoft doesn’t make it easy to support alternative platforms such as macOS® or Linux®. In fact, it’s basically impossible to completely manage non-Windows platforms with the native capabilities of AD alone – Microsoft made sure of that. Consequently, IT organizations that leverage Mac or Linux-based resources, web applications, cloud infrastructure, and anything else that isn’t Windows-based have been forced to seek alternate identity management solutions. One option has been to leverage open source identity management platforms.
Open Source Identity Management
While there is a wide range of open source identity management solutions, very few of them are comprehensive enough to replace core implementations like AD or web application single sign-on (SSO) platforms. OpenLDAP, for instance, is perhaps the leading open source identity management platform. And while it can come close to delivering capabilities similar to those native to the AD platform, it takes highly skilled and dedicated personnel to achieve, maintain, and especially to secure.
Identity management is a broad category requiring a great deal of consistent focus and investment, which can be difficult for open source projects (though, of course, not impossible: see Linux!). This is largely the reason that Active Directory has remained the on-prem, legacy identity provider of choice for so many years. However, while there may not be a wide range of open source IAM platforms that can compare (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/open-source-identity-management/