Virtual LDAP Service: The Force Awakens

December 18th, 2015 / product and technology, company news, smarter identity

We have a new feature for you: it is super sleek, it slices and dices, and it makes a nice “wooosh” sound when you turn it on. It has everything you want in a lightsaber… except this feature lets you adopt Cloud Identity much faster than ever before.

Coming out of closed beta for select customers, we are excited to introduce our brand new Virtual LDAP Service. It enables customers to use OneLogin for authentication and authorization over LDAP. Some common use cases include login via VPN boxes, WiFi boxes, SSH servers, older web apps, and other servers that use LDAP to validate user credentials.

A few neat things you should know about the Virtual LDAP Service:

- It enables you to virtually unify all of your existing directories. Many of our customers have users that are synced from several different directories, as well as users that exist only in OneLogin. Virtual LDAP not only enables you to use your existing Distinguished Names, but also introduces Virtual Distinguished Names. This feature assigns a OneLogin-specific Distinguished Name to every user regardless of where the user resides. In short, this enables admins to use OneLogin as one simple LDAP directory for their account.

- It supports any LDAP integration without the need for an on-premise LDAP server. OneLogin can be your only directory. We put the LDAP Service in the cloud with your existing OneLogin services.

- It scales in the cloud. OneLogin spins up as many servers as needed in different regions for optimal performance and redundancy.

- It enables you to secure your users. We offer LDAP as well as LDAPS (LDAP over TLS) for protecting user credentials in transit, so that you can use our integrated service to replace older and insecure LDAP integrations that you have on-premise.

Coming soon to a OneLogin account near you, the Virtual LDAP Service enables the following scenarios:

- Enables adoption of Cloud IdM in complex environments that have legacy software and integrations.

- Enables enterprises to virtually unify their numerous directories and legacy structures to a single source of truth in the Cloud via an IdP or IDaaS/IdM service.

- Supports building new IT architectures in the cloud without depending on legacy integrations that point to on-premise data-centers.

- Enables early adopters to embrace the cloud while still using a legacy protocol like LDAP for special needs.

Currently, the Virtual LDAP Service supports LDAP bind and limited LDAP search, allowing authentication and user lookup based on email. In the next few weeks, we will roll out OneLogin group support and additional LDAP query capabilities so that you will be able to integrate it with most commercial products. In the future, we will add more flexibility around Distinguished Name customization, policies and directory unification.

Contact our sales team for additional information. And may the force be with you.

About the Author

Jonathan Bennun is a Product Management leader with over 15 years of experience in various roles in the tech industry, including software engineering, consulting and product management. Now at OneLogin, he leads the Devices and Authentication teams. His primary mission is to deliver new, innovative services and to improve the customer user experience on web and mobile.
