By Stephanie DeCamp Posted December 13, 2019
Is it possible to automate directory services? The average IT admin’s day involves many small tasks, and these can quickly snowball. So automating directory services and their associated identity management tasks can be a major time saver for IT.
Traditionally, this kind of automation has been a challenge with the on-prem, legacy Active Directory platform. As a directory service, AD is an identity provider that requires a great deal of upkeep and ongoing maintenance. When it first came around, AD was the solution for Identity and Access Management (IAM), but it also created many of its own operating pitfalls. At the end of the day, AD is a directory service built to manage traditional, Windows®-based infrastructure.
Meanwhile, the cloud has opened up whole new worlds of opportunity for the forward-thinking IT admin. After all, 94% of enterprises use it now, and an estimated 83% of enterprise workloads will be in the cloud by 2020. Now more than ever, you can leverage cloud-based solutions to automate directory services, resource provisioning, and identity management.
Automation Through APIs
One of the foundational elements of automation are Application Program Interfaces. APIs enable different software systems to exchange information. A system leveraging APIs contains functions in code that another system can then carry, thereby enabling integration and automation.
Through the rise of Software-as-a-Service (SaaS) offerings, many admins have come to understand that it’s better to remotely control services through APIs and code rather than a user interface. For example, APIs within an identity management solution can manage:
- Account creation/modification/removal
- Controlling access
- Group membership management
- Deprovisioning and account elimination
- Collecting and analyzing usage statistics
- Software deployment
- Enforcing usage policies
- Patches and updates
- Reporting on performance
With APIs, you have the option to write programs, scripts, and commands, and then execute them automatically. Various tools can build on top of APIs as well, making it easy to work with your directory at scale and in bulk.
The power and scope of these tools is hard to overestimate. To illustrate this point, consider the JumpCloud® Active (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Stephanie DeCamp. Read the original post at: https://jumpcloud.com/blog/automating-directory-services/