IT admins are the arbiters of control when it comes to user access of IT resources. Their main tool of doing so is the directory service, most often the legacy, on-prem Microsoft® Active Directory® (MAD or AD). For those that don’t know about it, Active Directory is easy to misunderstand. Before we dive into the definition of Active Directory, however, it is best to first understand directory services as a whole.
What is a Directory Service?
The directory service is a tool used by IT admins to create and manage identities for their users, and then give those identities access to the resources they need to use. By leveraging identity and access management (IAM), namely a directory service, IT admins can improve security in their organizations, and ensure that work happens smoothly. It is a functionality that many employees often take for granted.
So, what is Active Directory® anyways?
Microsoft Active Directory is one such directory service, and one of the most widely used directory services in the world. Originating in 1999, Active Directory is based upon LDAP, the Lightweight Directory Access Protocol, as well as Kerberos and other proprietary protocols. In those days, AD was one of many Windows® softwares used by the workforce, and since they were all under the Microsoft umbrella, AD easily linked users and their Windows-based resources.
IT started to evolve in the mid-2000s, however, and AD’s grip on the industry started to slip. Users started to use other platforms, such as Mac® and Linux®, while AD could really only dole access to Windows users effectively. The advent of WiFi, laptops, and other network changes required organizations that utilized AD to implement big infrastructure changes, like VPNs and RADIUS servers among others, which in turn cost IT enterprises a lot of time and money. As if those changes weren’t enough, IT began a shift to the cloud.
The idea of widespread use of resources via the Internet was one that was appealing to software vendors. This mindset led to the development of Software-as-a-Service (SaaS) solutions. While many (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/definition-of-active-directory/