The IT industry is full of initialisms: CPU, FDE, HTTPS, VLAN, IAM. The list is so extensive; it’s often hard to keep track. So it’s understandable if you’re asking the question: what is AD DS? AD DS is an acronym for Microsoft®’s Active Directory® Domain Services. Essentially, AD DS is the umbrella solution of Active Directory. In order to understand what AD DS is today, however, we need to step back and understand the history of the identity and access management (IAM) space.
The History of IAM
The modern IAM space was largely kicked off with the introduction of the LDAP protocol. LDAP would then serve as the basis for two major directory services solutions: Microsoft Active Directory (AD) and OpenLDAP™, among many other smaller solutions. AD would go on to become the commercial market share leader, while OpenLDAP would lead the open source space. Both solutions became widely regarded as the bread-and-butter identity providers (IdP) for organizations worldwide.
The concept behind the identity provider was to create a central user and data store for an organization. User accounts would be stored within the IdP along with IT resource information. These two sets of objects would then be interrelated to connect users to the IT resources they needed. These resources, such as systems, applications, networks, and more, would each be tied directly to the user identities that needed them, as well as limited by the privileges of that specific user’s role.
In the case of Active Directory Domain Services, this was done for largely Windows networks and resources. Because the average IT network at the time was virtually all Windows-based, AD DS made a great deal of sense. A user could login to their machine and the domain controller (AD DS) would enable access to whatever the user needed and was authorized to.
Struggles of AD DS in Modern IAM
While it was at the top of the domain controller market, AD DS started to struggle in the face of a changing IT world. The challenge with the Active Directory approach to directory services (Read more...)