Is there an Open Source Azure® Active Directory®?

Is there an Open Source Azure® Active Directory®?

As the IT world continues to migrate to the cloud, Microsoft® continues to push Azure® Active Directory as their platform of choice. But as many IT admins know, Azure AD just isn’t a viable replacement for the on-prem Active Directory®. The result is that IT organizations are left asking, “Is there an open source Azure Active Directory alternative?” Let’s briefly explore the question together.

Searching for an Open Source Azure Active Directory

gpo alternative

In a sense, IT admins are looking for an OpenStack®-like alternative to AWS® or other IaaS platforms. Released in 2010, OpenStack is essentially “a free and open-source software platform for cloud computing” from which virtual resources can be used. OpenStack has achieved some success as a software platform, but its results are instructive as IT organizations consider the use of an open source directory services platform.

Unfortunately, an open source replacement for Azure Active Directory just isn’t available. There are, of course, a number of on-prem open source directory services and identity providers delivered as software. Some examples include OpenLDAP, SambaTM, and FreeIPA. All three of these open source authentication platforms are useful and can benefit organizations, but they aren’t going to end up being a replacement to Azure AD.

Outside of the obvious difference between Azure AD and other open source identity providers (Azure AD is certainly proprietary), the challenge with these open source directory services solutions is that, ultimately, they inhibit IT organizations from being able to authenticate to a wide range of IT resources. Each of the open source identity providers is greatly positioned to cater to a specific slice of the market, intentionally limiting the breadth of their functionality to do so. In the case of OpenLDAP, for instance, the LDAP protocol is the primary path. FreeIPA, on the other hand, adds in the Kerberos® protocol. Samba does this a well, but can also act as more of a domain controller in the process. None of these platforms deeply integrates with systems to provide Microsoft Active Directory (MAD) controls.

Open Source (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at:

Zach DeMeyer

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

zach-demeyer has 348 posts and counting.See all posts by zach-demeyer