Cloud Directory Replacement

Most IT admins will tell you that implementing a cloud directory replacement for traditional, on-prem identity providers, such as Microsoft® Active Directory® (AD), makes a lot of sense. The challenge is that AD is so entrenched in so many IT organizations that the thought of shifting to a cloud directory alternative can seem daunting. Yet, as the IT landscape continues to shift and evolve, legacy approaches to identity management are breaking down. Why? Let’s take a trip down memory lane to find out.

Traditional Directory Services

The modern era of identity management kicked off in 1993, when Tim Howes and his colleagues at the University of Michigan invented the LDAP authentication protocol. This innovation would inspire a new generation of identity management solutions, namely OpenLDAP and Active Directory. Both of these solutions would go on to become leaders in the directory services market. Active Directory would ultimately become the on-prem market leader, primarily because IT environments were essentially all Windows-based and on-prem in the late 1990s, when AD and OpenLDAP were introduced.

Challenges with Traditional Directory Services

As the IT environment started to move away from Windows-based systems and applications in the mid-2000s, a number of identity management challenges emerged. These challenges included the inability to control non-Windows IT resources with AD, maintaining security in hybrid or cloud environments, and a market-wide shift away from on-prem infrastructure altogether.


The key drivers behind these challenges were innovative IT solutions such as AWS® cloud infrastructure, G Suite and Office 365 productivity suites, Mac® and Linux® systems, and web applications such as Slack®, GitHub®, Salesforce®, and more. Solutions such as these offered numerous advantages compared to traditional, on-prem alternatives, such as decreasing costs while increasing efficiency. However, one consequence was that traditional directory services solutions struggled with non-Windows resources and with resources that weren’t on-prem, since a direct connection was required.

Of course, there are third-party solutions available, such as web application single sign-on, identity bridges, privileged identity management, and more, which can be layered on top of (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at:

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.
