With so many changes in the IT landscape, it is sometimes difficult to have a finger on the pulse of the various identity management solutions available. As admins explore their options, many IT organizations are seeking an overview of Active Directory® Domain Services (AD DS) to see whether the legacy Microsoft® platform is still right for them. Does the Microsoft domain approach fit the future of identity and access management (IAM)? We will explore this question together.
Historically, leveraging Active Directory Domain Services made a great deal of sense. The office of yore was filled with bulky desktops in cramped cubicles, and all of them were based in the Windows® OS. Using Active Directory as the sole source of truth, IT admins created a domain where their users could freely access their resources.
Thanks to AD DS, end users could log in to their Windows machine and subsequently be connected to virtually any Windows-based resource—server, application, network—that they had rights to. Of course, in an all-Windows, on-prem workplace, it was fairly simple to connect resource access together under one directory. For a time, IT admins had a straightforward IAM approach.
The Domain and the Cloud
Challenges started to emerge once new IT resources hit the market. Innovations such as cloud infrastructure, web applications, cloud file servers (and on-prem NAS appliances), and much more changed the face of IT. Non-Windows systems (macOS® and Linux®) also started to gain popularity in the workplace, putting a strain on AD DS. The traditional approach to connecting users to their IT resources, now including these new non-Windows and cloud-based ones, started to break down.
The concept of the domain was morphing and changing. The “domain” effectively now included remote resources that weren’t controlled by IT. The result was that IT organizations started to have separate user access control in multiple places. The idea of having one central authoritative identity provider was no longer valid. Essentially, the domain, as it was once known, was no more.
Most organizations, however, didn’t want to let go of (Read more...)