Historically, AD tied on-prem, Windows-based networks together as the central source of authentication and authorization for accessing IT resources. An end user could login to their Windows device when connected to the network either directly or through a VPN, and subsequently access Windows-based infrastructure.
As the IT landscape shifts to the cloud and non-Windows-based IT resources, AD has struggled to simplify connectivity to these resources, requiring a whole host of add-on solutions. Many of these, such as web application single sign-on (SSO), privileged access management (PAM), multi-factor authentication (MFA/2FA), and identity bridges require on-prem management. This approach further cements an IT infrastructure on-prem and adds time and cost to run a network.
JumpCloud’s newly released ADI feature extends AD identities to a wide range of modern IT resources, including:
- Cloud infrastructure such as AWS, Google Cloud, Digital Ocean, and more;
- Web applications like Slack, Github, and Salesforce;
- macOS and Linux systems;
- Samba-based file servers such as Synology and QNAP;
- VPNs including OpenVPN, Cisco, Fortinet, and Palo Alto;
- WiFi systems from Meraki, Aruba, and Ubiquiti among others.
This is accomplished through JumpCloud’s modern, cloud-based directory service and authentication protocols, obviating the need for additional Windows servers and infrastructure to be installed and managed.
“Modern organizations are increasingly giving employees a choice in preferred computing devices and applications in addition to managing people in various geographic locations,” said Julie Mendelson, product management at JumpCloud. “JumpCloud’s Active Directory Integration reduces the complexity for IT admins by easily extending AD identities to our cloud-based directory services, thereby connecting users to the modern IT resources they need to get their jobs done.”
JumpCloud’s ADI involves two key components. The AD Import agent is used to send identities and associated data (passwords and groups) into JumpCloud’s cloud-based directory infrastructure. This infrastructure then relays this information to any connected resource managed by JumpCloud (e.g. a WiFi network being managed by JumpCloud’s RADIUS services).
Additionally, the recently-released AD Sync agent can provide end-user features such as password updating from macOS hosts, which will write password information directly and securely back into AD. This bi-directional process ensures that identities stay in sync whether changes emit from AD or from JumpCloud.
This ADI functionality is modernizing traditional IT solutions. It allows IT organizations to extend AD to nearly all of the tools employees need to do their jobs while maximizing their existing investment in AD. IT organizations can now leverage a wide range of IT resources without being concerned about a lack of control and management. JumpCloud enables IT admins to fully control access to virtually all IT resources regardless of platform, protocol, provider, and location.