For many years, no one questioned when to use Active Directory®. Since it was the only game in town effectively, everybody just assumed to use AD as their directory service and domain controller. Now, however, with a changing IT landscape, it isn’t so cut and dry on when to use AD and when not to. Add in the complication of Microsoft®s other “AD” solutions, such as Azure® Active Directory, and the decisions have only gotten harder. In this article, we’ll try to simplify the approach to identity and access management for modern organizations.
Out to Sea with Active Directory
Before we dive into the specifics of when to use AD and when not to, it is helpful to step back and understand the overall context of IT networks and identity management. Having an accurate perspective for how IT has changed will help inform your decision in the identity and access management space. Traditionally, as you probably know, IT networks were on-prem and Windows-based. This setup made it easy for a Microsoft solution (AD) to be the control point for user access to domain resources and a Windows system management platform.
As the network started to shift away from on-prem and Windows to cloud infrastructure like AWS®, productivity solutions like G Suite™ and Office 365®, web applications such as Salesforce®, Slack, and GitHub, Samba file servers, NAS appliances, cloud storage solutions such as Box™ and G Drive™, and WiFi networks, the traditional approach with Active Directory started to take on water. It simply wasn’t built to carry the weight of all these non-Windows® resources and needed extensive modifications / additions to keep the ship from sinking.
Patching the Server Sails
To keep moving forward with AD as their base, IT admins started to search for add-on solutions such as identity bridges, web application single sign-on platforms, privileged identity management solutions, MFA/2FA tools, and much more. In other words, instead of a new ship with a new directory service solution at its core, IT admins were adding more and (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/active-directory-when-use/