Active Directory...without the Windows - the Centrify way

Centrify has a new way to let people benefit from Active Directory: with whatever client you want.

Last week I spent some time talking with Tom Kemp, CEO of Centrify. Centrify is not open source but, depending on how you look at it, either solidifies or dilutes Microsoft's hold on its customers. In Centrify's case, it extends Active Directory to platforms other than Microsoft, meaning that it:

...centrally secures...heterogeneous systems, web applications, databases and storage systems using Microsoft Active Directory. Centrify DirectControl secures...non-Microsoft platforms using the same authentication, authorization and Group Policy services deployed for your Windows environment.

In other words, it lets customers choose to leverage their Microsoft technology without being forced completely into the Microsoft ecosystem. This is a good thing. Choice is good.

Centrify

Centrify opted not to develop a server-side clone of Active Directory, citing customers as the reason. Few want to risk identity management on a clone. Instead, Centrify decided to focus on enabling heterogeneity in the client world. In other words, Centrify allows administrators to deploy an Active Directory server but make it work with non-Windows clients (Mac OS X machines or Linux or...whatever).

As Tom noted, most enterprises have 50-60 identity stores, which requires users to have multiple logins to use their company's IT systems. Single sign-on systems (essentially, metadirectories) were then developed to solve the problem, but the solution created other problems: such schemes rely on big databases to provide replication and synchronization, which costs a great deal of money and introduces additional complexity.

So, instead of building a big database to replicate and synchronize (Tom noted that the underlying identity stores may not support synchronization, anyway), Centrify decided to embrace and extend Active Directory, allowing customers to reduce the number of identity stores, leveraging AD and putting in on steroids. It sounds very cool. I just wish it were open source. :-)

Centrify isn't trying to steer buyer behavior to or from Microsoft's Active Directory. It takes the world as is and provides an "out" for those enterprises (and they probably include everyone) that run more than Windows. It's something that Microsoft arguably would prefer not to touch - why provide choice when monopoly is so profitable? :-) - so I'm glad someone is doing it.

Keep an eye on the company. Looks interesting.

Tags:
Tech Culture
About the author

    Matt Asay is chief operating officer at Canonical, the company behind the Ubuntu Linux operating system. Prior to Canonical, Matt was general manager of the Americas division and vice president of business development at Alfresco, an open-source applications company. Matt brings a decade of in-the-trenches open-source business and legal experience to The Open Road, with an emphasis on emerging open-source business strategies and opportunities. He is a member of the CNET Blog Network and is not an employee of CNET. You can follow Matt on Twitter @mjasay.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Want affordable gadgets for your student?

    Everyday finds that will make students' lives easier: chargers, cables, headphones, and even a bona fide gadget or two!