Why is Indirect Integration Better?

In last year’s blog series, I covered both direct and indirect Active Directory integration options. But I never explained what we actually suggest / recommend. Some customers looking at indirect integration saw only the overhead of providing an interim server and the costs related to managing it. To be clear, these costs are real and the overhead does exist. But we still recommend

indirect integration over the direct one. So... why is that?

I want to point out that the overhead and costs associated with the direct integration are sometimes hidden and often neglected when deciding which path to follow. In an attempt to start small and to save time and energy, some companies embark on the direct integration path to achieve their immediate goals and to solve their immediate challenges without looking at growth trajectories and future needs.

My advice: do not get trapped into the “we will figure it out later” approach. Direct integration will soon lead to "cruft" and high maintenance costs. As I mentioned in a previous blog the direct integration solution is good for small environments (up to several dozens systems) when it is not too hard and costly to switch. But the more systems you add, the harder it gets to manage.

We have heard the objection to the indirect or trust approach that, in some cases, it is not that easy to promote an indirect solution and there may be corporate policies or politics that make this choice difficult. But let me assure you that it is worth making your case! Plan ahead.  Plan for the future so that you can stay competitive and adapt quickly.

Again, always know that we're here to help! This blog series gives you arguments to fight your political battles. Let the force be with you!