In last year’s blog series, I covered both direct and indirect Active Directory integration options. But I never explained what we actually suggest / recommend. Some customers looking at indirect integration saw only the overhead of providing an interim server and the costs related to managing it. To be clear, these costs are real and the overhead does exist. But we still recommend
indirect integration over the direct one. So... why is that?
I want to point out that the overhead and costs associated with the direct integration are sometimes hidden and often neglected when deciding which path to follow. In an attempt to start small and to save time and energy, some companies embark on the direct integration path to achieve their immediate goals and to solve their immediate challenges without looking at growth trajectories and future needs.
My advice: do not get trapped into the “we will figure it out later” approach. Direct integration will soon lead to "cruft" and high maintenance costs. As I mentioned in a previous blog the direct integration solution is good for small environments (up to several dozens systems) when it is not too hard and costly to switch. But the more systems you add, the harder it gets to manage.
We have heard the objection to the indirect or trust approach that, in some cases, it is not that easy to promote an indirect solution and there may be corporate policies or politics that make this choice difficult. But let me assure you that it is worth making your case! Plan ahead. Plan for the future so that you can stay competitive and adapt quickly.
Again, always know that we're here to help! This blog series gives you arguments to fight your political battles. Let the force be with you!
关于作者
产品
工具
试用购买与出售
沟通
关于红帽
我们是世界领先的企业开源解决方案供应商,提供包括 Linux、云、容器和 Kubernetes。我们致力于提供经过安全强化的解决方案,从核心数据中心到网络边缘,让企业能够更轻松地跨平台和环境运营。