Last month Amazon launched it’s Active Directory Service for Amazon Web Services, the word’s leading cloud offering from Amazon. This new service is based on the well-known and industry-proven open source software, Samba 4, which is not new and which we at Univention have used for years to provide our customers with Active Directory service compatible to Microsoft and Microsoft Windows clients. Amazon also launched a connector to existing Active Directories that corporate customers typically run on premises to manage their identities, roles and rights. Together these two new services will enable enterprises to use the same identities and associated rights with all services and applications they run in the Amazon cloud and in their classical on premises IT infrastructure. At a first glance this news sounds like it will be easier to use, with less administrative effort from users and far better security.

AD Services and Connection already established in UCS for years

Active_Directory_mit_UCSThis is certainly good news for Amazon cloud users, and we at Univention agree that for widespread enterprise cloud computing adoption, a unified enterprise directory for all cloud-based applications, as well as a reliable connection between the enterprises’ existing IDM system (which typically is Microsoft Active Directory) and cloud-based applications, is a prerequisite. In fact, Univention Corporate Server, our open source platform that runs and integrates applications in the cloud or on premises, includes Samba-based Active Directory Services and a connector to Microsoft Active Directory…and has for years. Amazon’s move was expected and presses other cloud service providers to offer similar services. We expect many of them to leverage our products for that.

A new silo in the Amazon cloud

The problem with Amazon’s offering, however, is that it opens a new silo in the Amazon cloud. I predict that once enterprises start relying on these services and build their business processes around it, it will be just as hard to move the whole Active Directory out of the Amazon cloud. Amazon’s Interfaces, processes and proprietary data are just as difficult to remove as similar data from cloud offerings from Microsoft or Google. So these new silos do what they always do — they introduce new vendor lock-ins and reduce innovation and economic efficiency.

We follow a different path at Univention. We provide cloud service providers and end-user customers with the same technology, so they have the same benefits to begin with. Compared to Amazon’s offering, our open source technology is not bound by a specific cloud service provider or software vendor. This give customers the freedom to move their entire directory to another service provider or even back to their premises if they feel that this better fits their needs. The result is choice and competition in the cloud, not new vendor lock in, so we do our part in ensuring innovation and reasonable prices for customers in the long term.

Use UCS Core Edition for Free!
Download now

Leave a Reply

Your email address will not be published. Required fields are marked *