What do you use as an identity provider?
-
@scottalanmiller said in What do you use as an identity provider?:
@Dashrender said in What do you use as an identity provider?:
The local hospitals all use Citrix web portals (formally nfuse - not sure new name, hell might still be called nfuse) the back end of that definitely ties to those hospital's AD - why don't they have account lockout issues?
web portal. Probably doing the exact thing that RDS Gateway does. If it is like most Citrix products, it IS RDS Gateway, just rebranded.
I thought from our conversation that this protected against locked accounts by the use of certificates, not username/passwords... in my cases, it's always username/password. Everything is SSO, even if you have to supply that username/password multiple times.
-
@nadnerB said in What do you use as an identity provider?:
@VoIP_n00b said in What do you use as an identity provider?:
JumpCloud’s SSO goes beyond application access to provide a single identity that can access any IT resource, from applications to devices, networks and more. Backed by a robust Directory Platform, you can onboard, offboard, and manage the lifecycle of every user with a single set of credentials. With one identity per user, you can easily provision and deprovision user access to devices (MacOS, Windows, and Linux), on-premise applications, networks and VPN, and servers from a single, secure console.
There is so much marketing fluff speak in that.
Did you just copy and paste from the propaganda page?Of course he did, that is all he ever does.
-
@scottalanmiller said in What do you use as an identity provider?:
@Pete-S said in What do you use as an identity provider?:
You mean if you paid for M365 then you're already using Azure AD as your identity provider in which case JumpCloud serves no purpose?
For one thing, Azure AD is lacking connectors for normal things like Linux desktops. Doesn't even WORK in our environment or most of our customers, almost none. At most it works for SOME workloads.
There is another factor as well, which favors an independent identity provider and authentication. When you have everything in one place, you give too much power over your business to a single company. If you have a problem with Microsoft (or Google) all other services will be useless if you tied everything to Azure AD (or Google Identity Services).
Also changing "Office" apps from Microsoft to Google or to Zoho or whatever you might fancy will have far reaching implications. So less freedom to pick whatever is best for your company.
-
We use WSO2's Identity Server here. It's... not terrible, but can be a real PITA to get config file settings and web page customizations to stick across upgrades sometimes. It's not too bad to configure after you get past that bit.
Works great with AD.
Link above takes you to various setup types, not just docker.
-
@dafyre said in What do you use as an identity provider?:
We use WSO2's Identity Server here
It seems popular and so does Redhat's Keycloak.
I thought you had to have paid support to get patches and that it's cost prohibitive for small companies ($20K/year).
-
@Pete-S said in What do you use as an identity provider?:
@scottalanmiller said in What do you use as an identity provider?:
@Pete-S said in What do you use as an identity provider?:
You mean if you paid for M365 then you're already using Azure AD as your identity provider in which case JumpCloud serves no purpose?
For one thing, Azure AD is lacking connectors for normal things like Linux desktops. Doesn't even WORK in our environment or most of our customers, almost none. At most it works for SOME workloads.
There is another factor as well, which favors an independent identity provider and authentication. When you have everything in one place, you give too much power over your business to a single company. If you have a problem with Microsoft (or Google) all other services will be useless if you tied everything to Azure AD (or Google Identity Services).
Also changing "Office" apps from Microsoft to Google or to Zoho or whatever you might fancy will have far reaching implications. So less freedom to pick whatever is best for your company.
Excellent points.
