Is there an Active Directory® for Linux® that makes sense? Clearly, the Windows-based Microsoft® Active Directory (AD), often the on-prem identity provider for organizations, isn’t a great fit with Linux. Perhaps, however, there is an AD alternative that would accomplish the same types of functions that AD does for Windows®, except for Linux systems.
Linux Management Through the Years
If we take a step back, the idea of tightly controlling access to Linux systems and managing the system itself, similar to group policy objects (GPOs) for Windows, isn’t a new concept. The challenge has always been that the ways that most organizations have done so previously leave a great deal to be desired. This predicament has been especially true as Linux becomes a more popular computing choice for the average organization.
The historical approaches of user and system management for Linux have been to do it manually, script it with configuration management tools, or to stand-up an OpenLDAP™ instance. All three of these options are labor intensive and take time away from other critical DevOps and IT activities. With AWS® Linux environments exploding, developers using Linux for their desktops or laptops, and Linux-based DevOps applications, it is no wonder that the issue of managing Linux users and their systems is critical.
Active Directory is Not for Linux
Of course, one may wonder if Active Directory itself can be used for Linux management. Unfortunately, the traditional directory service was designed specifically to manage Windows systems and their users. By definition, the solution is not as usable for admins seeking to manage their Linux machines.
Vendors created tools called identity bridges, which could be used to assist an AD instance for managing Linux and macOS systems. The challenge with these directory extension tools was that they further cemented AD on-prem and added extra work to manage multiple IAM systems.
An “Active” Directory for Linux and More
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/active-directory-for-linux/