As more IT organizations leverage Office 365™, by default, users continue to be given Azure® Active Directory® identities. Much like how G Suite™ identities are extended over to Mac® systems, IT admins are wondering if it is possible to do the same by extending Azure AD identities to Mac systems. Thankfully, this is now completely possible with a tightly integrated cloud directory called Directory-as-a-Service®. Let’s look at how the cloud directory is bridging Azure AD and Mac systems for IT organizations around the world.
Why a Cloud Directory Bridge is Needed
Stepping back for a moment, Azure AD is understood as Microsoft’s® complement to the on-prem Active Directory platform. While admins everywhere were hoping Azure AD would be a cloud replacement to the traditional on-prem server approach, Microsoft instead chose to preserve the investments of legacy customers by trying to complement the on-prem approach. While this is ideal for those legacy customers heavily invested in Windows-centric infrastructure, it can create significant management complications for modern office environments trying to go full cloud.
Essentially, Azure AD is a user management system for Azure and O365 as well as a web application single sign-on (SSO) platform. In the same vein as Microsoft’s on-prem version of Active Directory, Azure AD too struggles with non-Windows platforms, and oddly enough in Azure AD’s particular case, infrastructure outside of Azure. In fact, Microsoft doesn’t really recommend connecting on-prem systems to their Azure AD Domain Services solution. They recommend “authenticating” Windows® users via OAuth or OpenID, which work better over the Internet. Unfortunately, that still leaves a sizeable gap for authenticating Mac systems and Linux® workstations.
Direct Benefits for Users and Admins
The good news is that you can tightly integrate a third-party cloud directory service with Azure AD. This cloud identity provider can enforce one set of credentials for Azure AD as well as the rest of an organization’s IT resources—including their macOS® systems. The result is that end users directly benefit from having only one identity to remember and manage across their wide (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by George Lattimore. Read the original post at: https://jumpcloud.com/blog/azure-ad-identities-extend-mac/