Modernizing Active Directory: A Prescriptive Guide to Eliminating IT Complexity While Extending Services to Support Non-Microsoft Resources
Abstract: Celebrated programming legend Admiral Grace Hopper famously noted, “The most dangerous phrase in the English language is, ‘We’ve always done it this way.’” Truer words were never spoken then in regard to Microsoft Active Directory (AD), which persists to propagate the myth that AD is the only service that can support access control functionality, especially for custom-tailored applications. In particular, there are misconceptions that AD exclusively supports functionality for group management and access security, and that purchasing Microsoft products is required to maintain enterprise authentication and authorization compatibility. However, administrators should pause when considering the number of additional tools required to integrate with Active Directory to allow proper management of single sign-on (SSO), multi factor authentication (MFA), mobile device management (MDM), and privileged access management (PAM). At the end of the day, the integration looks like a complex jigsaw puzzle built from different puzzle vendors. The pieces fit, but it’s still difficult to manage and doesn’t look like the painted picture you originally imagined. Perhaps it’s time to find a better approach that doesn’t require so many puzzle pieces. |
Author:
|