5 Reasons K-12 School Districts Should Replace Active Directory - Security Boulevard

5 Reasons K-12 School Districts Should Replace Active Directory

By Megan Anderson Posted January 23, 2020

A common belief among IT admins is that Active Directory® (AD) can’t be beat in terms of IT resource management. Although this was true for organizations in previous years, more cloud-forward replacements could serve K-12 school districts better.

Active Directory and K-12 Conflicts

With Active Directory acting as the premier identity management solution for two decades, many school district sysadmins today inherit their AD instance. The tool was intended more for business enterprises operating from one location than educational institutions. But because students and staff increasingly needed computer and application access, schools had to implement a way to manage them. The popularity of Windows® computers made AD the best tool for the job at the time.

However, school districts span across a wide area, are publicly funded, and generally operate as nonprofits. As a result, there are a number of areas where AD and K-12 schools conflict.

1 – Implementation and Maintenance Costs

Funding for K-12 schools varies by district, but most don’t have ample budgets to work with. Buying on-prem servers and purchasing Windows Server licenses and CALs can be expensive even under Microsoft’s .edu licensing, but it’s not a one-time purchase. Once the servers reach their end-of-life and the license term expires, schools have to spend just as much — or more — on renewing the license and replacing the servers. The funds allocated to building and maintaining a district’s IT infrastructure could be better invested in projects with more direct impact on students and staff.

2 – No Cross-Platform System Management

Active Directory works best when the IT environment it’s implemented in is entirely Windows-based. However, most school districts have disparate operating systems in their domain. As more schools leverage Chromebooks and macOS® systems, AD becomes less effective as the core authority. 

3 – Manual Onboarding and Offboarding

Although onboarding and offboarding a homogenous Windows environment is rather straightforward, doing so for non-Windows platforms, especially web applications, is less so. Non-Windows users must be onboarded and offboarded manually, which in school districts that can serve thousands of (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Megan Anderson. Read the original post at: https://jumpcloud.com/blog/k12-replace-ad