{"id":9685,"date":"2019-12-09T16:00:45","date_gmt":"2019-12-09T16:00:45","guid":{"rendered":"https:\/\/www.jumpcloud.com\/blog\/?p=7847"},"modified":"2025-03-14T13:40:05","modified_gmt":"2025-03-14T17:40:05","slug":"linux-user-management-service","status":"publish","type":"post","link":"https:\/\/jumpcloud.com\/blog\/linux-user-management-service","title":{"rendered":"Linux User Management as a Service"},"content":{"rendered":"\n
Linux\u00ae user management is a core part of modern IT administration. The challenge is that Linux servers in the cloud are difficult to connect to a traditional user directory on-prem. <\/p>\n\n\n\n
Fortunately, a new generation of Directory-as-a-Service\u00ae platform simplifies user management for Windows\u00ae, macOS\u00ae, and Linux machines. As a result, IT admins securely manage and connect users to all of their systems from the cloud.<\/p>\n\n\n\n
How Have IT Admins Traditionally Managed Linux?<\/h2>\n\n\n\n
Historically, sysadmins and DevOps personnel had limited options with respect to Linux user management \u2014 all of which have significant drawbacks.<\/p>\n\n\n\n
Manual User Management<\/h3>\n\n\n\n
Many IT organizations either don\u2019t have a core directory service, or their existing identity management infrastructure won\u2019t talk to cloud-based Linux devices. As a result, IT professionals end up managing Linux users manually.<\/p>\n\n\n\n
In other words, the admin must log into each Linux machine and create a local account when new users need to be added. It\u2019s a similar scenario when settings need to be changed or users need to be removed from the system, which becomes a difficult and laborious process as the organization scales.<\/p>\n\n\n\n
The manual approach is also more difficult to manage and audit as it is highly decentralized. It quickly breaks down beyond a small number of Linux users.<\/p>\n\n\n\n
Configuration Automation Tools<\/h3>\n\n\n\n
Leveraging configuration automation tools such as Chef or Puppet represents another method of administration. Many DevOps organizations have found success by using similar tools to automate their server infrastructure, and managing users is part of that process.<\/p>\n\n\n\n
The problem with this approach is that configuring user access requires admins to write code. Essentially, providing Role-Based Access Control (RBAC) means writing individual scripts for each user.<\/p>\n\n\n\n
For IT admins tasked with managing fleets of Linux systems, this scenario is daunting. Ultimately, it becomes another process that is difficult to maintain as the organization grows in size and scope.<\/p>\n\n\n\n
Integrate with a Core User Directory<\/h3>\n\n\n\n
Connecting Linux systems directly to an identity provider (IdP) is a third approach. Of course, as previously noted, the challenge with this approach is that Linux servers in the cloud are difficult to connect to traditional user directories such as Microsoft\u00ae Active Directory\u00ae (AD) or OpenLDAP\u2122.<\/p>\n\n\n\n
After all, AD is designed exclusively for Windows user management. OpenLDAP is more flexible, but requires significantly more management overhead and maintenance.<\/p>\n\n\n\n
It is possible to run them both in tandem to try to manage modern networks, but then the challenge becomes managing multiple directories. Clearly, a single source of truth for user management is ideal in modern system environments.<\/p>\n\n\n\n
What is Directory-as-a-Service?<\/h2>\n\n\n\n
Fortunately, a new option has emerged that is reimagining traditional approaches to identity and access management (IAM). 探花大神\u00ae Directory-as-a-Service is a next-generation directory services platform that centralizes management of Linux, Windows, and macOS users in the cloud.<\/p>\n\n\n\n
探花大神 enables admins to create and manage users from a single pane of glass and provision them access to Linux, macOS, and Windows systems remotely. The Directory-as-a-Service also offers cross-platform GPO-like capabilities called Policies to help manage modern system environments.<\/p>\n\n\n\n