Alternative to Azure AD - JumpCloud
- 
 @gregorymkeller I find that to be very counter-intuitive. You have organizations that can run Unix but can't run Windows? They may not want to, but I've never met a Linux admin that couldn't run Windows in their sleep. This is a strong message thought that there are many thousands of organizations with no Windows at all out there. And all of those not running any of the desktop OSes that we normally use here. Suggesting that it is just the tip of the iceberg. 
- 
 @scottalanmiller Hey Scott! Not 100% sure I am following your position but let me add some clarity. We absolutely have folks who run both Linux and Windows (and Mac). In many cases, they will not have staff who have (or want) to run Domain Controllers. They are just too focused on infrastructure (e.g. their platform) needs to defocus IT staff for owning the management of the servers. This is a reality that we experience every day. Again, it may not be like your company, but this is who we see in a vast majority of cases. They opt to move to services like ours and reduce the capex on servers and re-task IT resources towards other critical needs (more efficient employee on boarding, HCM integration needs, cloud-solutions research and implementation, etc.) I also want to re-enforce that a large swath of our customer base literally has a zero-MSFT policy. Literally, no Microsoft. I found that impossible to believe having built MSFT-specific software for nearly two decades, but I stress, it is a true mandate. And we hear it every day. The footprint of these companies is very similar: Bulk acquired and DEP'd Macs, AWS infra (mainly Amazon RH), web based/SaaS apps they subscribe to and Meraki running the overheads. Their IT staff are in their early to mid 20's, many never (and I mean that sincerely) having used MSFT before but use vi and can code (read: DevOps). So it's not even a variable in their decision-making on IT needs. Again, as a guy with some graying hair, I found it hard to believe but we are responding to a legitimate and thriving market who quite honestly leverage no MSFT in their organizations. As I type this, I have just flown back from Singapore visiting not one, but three large customers (3-4000 employees), who look and feel exactly like this. Although each of their finance teams were on Windows 8.1 clients (so not all truly 100% Mac). Again, I hope this helps you and I am always available to chat in person to talk more about what we're experiencing. 
- 
 @gregorymkeller This is of no bash to you or your company or product. However, when I am asked to walk into a company of less than 10 users, I am mainly finding windows computers in, maybe, a workgroup structure, emailing files to one another. These computers are typically purchased from a box store and carried home/office in order to be setup. Unless they are somewhat tech savvy, they have never even heard of Linux, let alone went out to buy a Linux computer of some sort. The only reason why they have purchased Windows is because of brand name recognition and familiarity. Otherwise, they are none the wiser. 
- 
 @NerdyDad Absolutely! We have a ton of health care and other 'clinic' orgs who bulk-buy windows machines. In many cases, they can get away with Windows 10 and AAD along with Intune and AAD join to manage thier endpoints. Total MSFT solution and it's great. Yet others don't want AAD (they use G Suite as an example) and have Windows 7 or 8.x endpoints...and maybe some 10....and thus AAD is a non-starter. So they find us to drop our agent on their systems and get cloud-based directory coverage (along with RADIUS, LDAP and SAML services). Hope this helps! 
- 
 @gregorymkeller said in Alternative to Azure AD - JumpCloud: @scottalanmiller Hey Scott! Not 100% sure I am following your position but let me add some clarity. We absolutely have folks who run both Linux and Windows (and Mac). In many cases, they will not have staff who have (or want) to run Domain Controllers. Not wanting to I totally understand. We decommed them ourselves. We didn't want to run them that much  
- 
 @gregorymkeller said in Alternative to Azure AD - JumpCloud: Again, as a guy with some graying hair, I found it hard to believe but we are responding to a legitimate and thriving market who quite honestly leverage no MSFT in their organizations. I have no hair left, but it was grey before it went away, I've been around long enough that Windows as a mainstay felt like a passing fad  
- 
 For some reason, I'm wondering if @Dashrender got some kind of kickback... @Dashrender, did your pockets get a little padded? Hmmm... 
- 
 Yesterday, I tested JumpCloud for half hour by creating a couple of users and systems and today I just finished a 1 hour session with one of their support agents. From an AD replacement perspective, their service is still in preliminary stage, or at least, not in a position to replace AD. You can not create or implement policies without going through command line or scripting. They will also need to prepare a list of policies available to implement using their service (at the moment, you will need to search their KB to see if a specific policy can be implemented or not). However, it seems to be a good move if you do not have an AD already or you have a number of small/remote offices where implementing AD at each location is an overkill. To summarize, I am thinking of using JumpCloud to manage my Sub-Saharan offices where I have only a few users at each location. Some control is better than no control, right :)? 
- 
 @sn said in Alternative to Azure AD - JumpCloud: Yesterday, I tested JumpCloud for half hour by creating a couple of users and systems and today I just finished a 1 hour session with one of their support agents. From an AD replacement perspective, their service is still in preliminary stage, or at least, not in a position to replace AD. You can not create or implement policies without going through command line or scripting. They will also need to prepare a list of policies available to implement using their service (at the moment, you will need to search their KB to see if a specific policy can be implemented or not). However, it seems to be a good move if you do not have an AD already or you have a number of small/remote offices where implementing AD at each location is an overkill. To summarize, I am thinking of using JumpCloud to manage my Sub-Saharan offices where I have only a few users at each location. Some control is better than no control, right :)? My understanding is that it is an Azure AD, not an AD, replacement at this point. Which I think is better for most SMBs, especially smaller ones and those that are more mobile. I'm not a fan of AD and GPO, they were good ideas 17 years ago, but lack a lot today. But Microsoft hasn't made great strides in replacing it yet (but are working on it with Azure AD.) Honestly at this point, I think that the Linux world has pulled ahead in desktop management. 
- 
 @NerdyDad said in Alternative to Azure AD - JumpCloud: For some reason, I'm wondering if @Dashrender got some kind of kickback... @Dashrender, did your pockets get a little padded? Hmmm... What are you talking about? what? a kickback for posting about that on ML? Um - NO I did not - I don't spam the shit out of ML like some other members around here, and now I'm being accoused of spamming this - WTF? 
- 
 @Dashrender said in Alternative to Azure AD - JumpCloud: @NerdyDad said in Alternative to Azure AD - JumpCloud: For some reason, I'm wondering if @Dashrender got some kind of kickback... @Dashrender, did your pockets get a little padded? Hmmm... What are you talking about? what? a kickback for posting about that on ML? Um - NO I did not - I don't spam the shit out of ML like some other members around here, and now I'm being accoused of spamming this - WTF? Hey hold on here a minute. I was just joking around with you. Not actually accusing you of anything. You just gave them a plug. That was it. Sorry for poking the wrong button. If I wanted to accuse you of something. I would have actually brought evidence to support said accusations. 
- 
 @scottalanmiller said in Alternative to Azure AD - JumpCloud: My understanding is that it is an Azure AD, not an AD, replacement at this point. Which I think is better for most SMBs, especially smaller ones and those that are more mobile. I'm not a fan of AD and GPO, they were good ideas 17 years ago, but lack a lot today. But Microsoft hasn't made great strides in replacing it yet (but are working on it with Azure AD.) Honestly at this point, I think that the Linux world has pulled ahead in desktop management. I'm not sure how Linux has pulled ahead in desktop management - and explanation would be great. Please don't mention tools like puppet either, those are strap on things, not part of the base install. I agree that MS has failed us in moving AD to a cloud based, LAN-less situation. AAD handle authentication, but doesn't bring the rest of the Active Directory 'things' along with it, like GPOs. instead you need yet another paid product like Intune. 
- 
 @Dashrender said in Alternative to Azure AD - JumpCloud: I'm not sure how Linux has pulled ahead in desktop management - and explanation would be great. Please don't mention tools like puppet either, those are strap on things, not part of the base install. They are built into my Linux desktop. Since GPO comes with Windows server and NOT Windows desktop, that's an add on to Windows, too. So Linux has things like Puppet built in and Windows does NOT have GPO built in. So using your logic, Linux pulls even farther ahead than I was thinking. 
- 
 @scottalanmiller said in Alternative to Azure AD - JumpCloud: @Dashrender said in Alternative to Azure AD - JumpCloud: I'm not sure how Linux has pulled ahead in desktop management - and explanation would be great. Please don't mention tools like puppet either, those are strap on things, not part of the base install. They are built into my Linux desktop. Since GPO comes with Windows server and NOT Windows desktop, that's an add on to Windows, too. So Linux has things like Puppet built in and Windows does NOT have GPO built in. So using your logic, Linux pulls even farther ahead than I was thinking. I'm not disagreeing with you but Local Group Policies are built into the Windows Desktop. You can manage them via a script without having Active Directory setup. 
- 
 @Dashrender said in Alternative to Azure AD - JumpCloud: I agree that MS has failed us in moving AD to a cloud based, LAN-less situation. AAD handle authentication, but doesn't bring the rest of the Active Directory 'things' along with it, like GPOs. instead you need yet another paid product like Intune. Azure AD does provide GPO functionality. but, of course, they can't call it GPO because it's not actually AD and they've tied the names together. So if Azure AD offers GPU, then lots of other things do too. So they got caught by their naming tricks. But the functionality of GPO is available from Azure AD. 
- 
 @coliver said in Alternative to Azure AD - JumpCloud: @scottalanmiller said in Alternative to Azure AD - JumpCloud: @Dashrender said in Alternative to Azure AD - JumpCloud: I'm not sure how Linux has pulled ahead in desktop management - and explanation would be great. Please don't mention tools like puppet either, those are strap on things, not part of the base install. They are built into my Linux desktop. Since GPO comes with Windows server and NOT Windows desktop, that's an add on to Windows, too. So Linux has things like Puppet built in and Windows does NOT have GPO built in. So using your logic, Linux pulls even farther ahead than I was thinking. I'm not disagreeing with you but Local Group Policies are built into the Windows Desktop. You can manage them via a script without having Active Directory setup. Sure, and I point that out all of the time. But they aren't as advanced as what Linux has built in, with tools like Salt. Of course "Linux" is a bad way to talk about it. It's the main Linux distros like RHEL, Fedora, Suse and Ubuntu. But they all have tools like that included. 
- 
 A key difference is that the enterprise Linux offerings have the infrastructure included, you don't have to build your own or buy an additional Windows server to have it work. You can do it all from your desktop if you want. And all with included tools and no scripting. 
- 
 @scottalanmiller said in Alternative to Azure AD - JumpCloud: @Dashrender said in Alternative to Azure AD - JumpCloud: I'm not sure how Linux has pulled ahead in desktop management - and explanation would be great. Please don't mention tools like puppet either, those are strap on things, not part of the base install. They are built into my Linux desktop. Since GPO comes with Windows server and NOT Windows desktop, that's an add on to Windows, too. So Linux has things like Puppet built in and Windows does NOT have GPO built in. So using your logic, Linux pulls even farther ahead than I was thinking. What? GPO is mostly definitely something built into the Pro version of the desktop. Sure it's managed from files on the server, but you don't have to install anything on the workstations to make them understand it and use it - you simply follow the process of joining the workstation to the domain. Assuming your flavor of Linux has Puppet baked in, OK you get a tie there, perhaps some type of edge, but I can't saw how much or how little. 
- 
 @scottalanmiller said in Alternative to Azure AD - JumpCloud: @Dashrender said in Alternative to Azure AD - JumpCloud: I agree that MS has failed us in moving AD to a cloud based, LAN-less situation. AAD handle authentication, but doesn't bring the rest of the Active Directory 'things' along with it, like GPOs. instead you need yet another paid product like Intune. Azure AD does provide GPO functionality. but, of course, they can't call it GPO because it's not actually AD and they've tied the names together. So if Azure AD offers GPU, then lots of other things do too. So they got caught by their naming tricks. But the functionality of GPO is available from Azure AD. OK this sound vaguely familiar, like it was an add-on/enhancement after I first took a look at it. 
- 
 @scottalanmiller said in Alternative to Azure AD - JumpCloud: A key difference is that the enterprise Linux offerings have the infrastructure included, you don't have to build your own or buy an additional Windows server to have it work. You can do it all from your desktop if you want. And all with included tools and no scripting. How do you get unified authentication in Linux? Another huge difference between Linux and Windows, is Linux servers are only different from workstations mostly because of the packages differences, at least from my POV. Windows would be the same if not for license restrictions! Linux having no license restrictions, basically allows it to do everything in every version however they want. Windows can't ONLY because of licensing limitations. 



