The shift to Azure® Active Directory® (Azure AD or AAD) is underway in many IT organizations, but it is not without difficulty. A key challenge stemming from this shift has to do with how IT organizations manage users and systems. More specifically, many of the Linux® systems that organizations use are strewn across the web and hosted by the likes of Amazon Web Services® (AWS®) or Google Compute Engine™. IT organizations need a way to manage these cloud resources and their users. As a result, one of the first questions admins ask is whether they can authenticate Linux against Azure Active Directory.
The Need to Authenticate Linux Systems and Associated Challenges
With the incredible popularity of Infrastructure-as-a-Service (IaaS) solutions like AWS and GCP, there is an obvious need to manage the users who utilize systems on those services. But it isn’t just remote systems that need management. You may have some Linux machines on-prem in either desktop or laptop form. With Linux’s increasing popularity, the critical data inevitably stored on each endpoint needs securing. Unfortunately, configuring each system can be a manual task for IT admins. With more Linux machines in IT environments than ever before, manual management can represent a major time sink.
Another method that IT admins have implemented in an effort to automate Linux user and system management comes from popular automation tools like Chef, Ansible, Puppet, and Salt. These tools can help, but they require a fair amount of coding and expert-level knowledge to work properly. If you’ve got the people in place to do these tasks, then by all means go ahead with it. But one thing to consider is that these automation tools fall outside the grasp of whatever identity and access management (IAM) platform you use, whether it’s on-prem Active Directory or OpenLDAP™ or a cloud-based IAM service like Azure Active Directory. This scenario leaves the door wide open for shadow IT and security vulnerabilities.
Azure AD Integration
While it is possible to integrate Azure AD with AWS and GCE for simply logging in to their …