Why Go Domainless?

The domain has been a staple in IT organizations. At its best, the domain has provided a secure perimeter and centralized access to IT resources. But increasingly, sysadmins are asking, “Do I really need a domain controller?” This question is especially common at modern organizations that leverage a variety of resources outside of the Microsoft® ecosystem, including Macs, Linux, G Suite™, and AWS®. Many are choosing to eschew the domain altogether. Below, we’ll explain why you may benefit from going domainless and how that’s possible using cloud-based directory services.  

When Domains Ruled The World

The idea of the domain is to log in once to your Windows machine when you are connected to the network and then to be able to access whatever you have rights to access. This concept works great for on-prem Windows-based environments.

While Microsoft didn’t create the concept of the domain, they perfected it with Active Directory® Domain Services (AD DS). There was a golden period shortly following the release of Active Directory in 1999 where users at Windows-based IT organizations were able to use a single set of credentials to securely access virtually everything that they needed to do their jobs. In other words, it was SSO before the term Single Sign-On even existed.

One Foot In The Domain, One Foot Out

But those were different times. That was back when applications came on CD-ROM and Mac machines were relegated to universities and design firms. That was before the proliferation of web applications, cloud infrastructure, non-Windows file servers, Linux® machines, and more. Everything didn’t fit neatly in an on-prem, Windows-centric box anymore.

But course, IT organizations that had an established domain didn’t ditch it overnight just because some Macs and apps started popping up in their environment. Instead, they looked for ways to extend their domain or allow some resources to securely exist outside of it. Solutions like SSO, VPNs, and identity federation all helped bolster existing domains. To varying extents, these solutions worked, but also introduced additional layers of complexity and cost.

At the end of the day, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Nick Scheidies. Read the original post at: https://jumpcloud.com/blog/why-go-domainless/

Nick Scheidies

Nick Scheidies is a life-long of computer technology since he could first use a mouse and keyboard. In his role as Content Marketing Manager at JumpCloud, Nick has specialized in learning about identity security and cloud-based infrastructure for IT organizations.

nick has 24 posts and counting.See all posts by nick