Why is Eko ADC required On-Premises?
The need for the Eko Active Directory Connector (EkoADC) to be installed directly on your premises stems from the fundamental architecture separating Eko’s cloud environment from your organization's internal infrastructure.
1. The Problem of Communication
The Eko application is a Software as a Service (SaaS) product hosted entirely on the cloud. However, your organization's sensitive user information, credentials, and user profiles are stored within your own Local Active Directory (AD), located securely inside your Customer Data center.
Because the Local Active Directory is not typically exposed directly to the public internet, communication with Local AD cannot be established from the Eko side directly.
2. EkoADC as the Necessary Bridge
The Eko Active Directory Connector (EkoADC) is Amity Solutions’ proprietary software designed to bridge this security gap.
On-Premises Deployment: EkoADC must be deployed directly to the customer infrastructure (on-premises) to establish a secure, localized connection with your Active Directory.
Local Connectivity: Once installed locally, EkoADC can perform the necessary functions - such as LDAP binding for authentication and LDAP search for querying users - within your internal network.
Secure Environment: EkoADC runs on a securely hardened Ubuntu image, provided and configured to operate adjacent to your directory services.
Deploying EkoADC on the customer side is required for user provisioning and AD authentication.
3. Eko AD Sync System Architecture Overview
The following table summarises how the EkoADC operates as the required component within your network boundary to facilitate user integration:
| Component | Location | Role |
| --- | --- | --- |
| Microsoft AD | Customer Data center (On-Premises) | Stores user profiles and user credentials. |
| EkoADC | Customer Data center (On-Premises) | Connects to AD via LDAP/LDAPS; handles sync and authentication requests. |
| Eko IDMAPI / Eko DB | Eko Cloud | Eko custom API and database hosting the application and user data. |
The EkoADC mediates communication between the two separate environments using HTTPS for cloud communication and LDAP/LDAPS for internal communication with your Active Directory.
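As an added example (not Amity's code), the sketch below audits a list of observed network flows against the architecture described above: LDAP/LDAPS to AD only from inside the data center, and HTTPS from EkoADC to the cloud. The addresses, the port numbers 389/636/443, and the assumption that EkoADC is the side that opens the HTTPS connection are assumptions made for illustration, not values from the Eko documentation.

```python
from ipaddress import ip_address, ip_network

# Constructed values for illustration; substitute your own addressing plan.
INTERNAL_NETS = [ip_network("10.20.0.0/16")]   # customer data center
AD_HOSTS = {ip_address("10.20.1.10")}          # Microsoft AD domain controller
EKOADC = ip_address("10.20.5.20")              # on-premises connector
LDAP, LDAPS, HTTPS = 389, 636, 443             # standard default ports (assumed)

def is_internal(addr):
    """True when the address belongs to the customer data center."""
    return any(addr in net for net in INTERNAL_NETS)

def audit_flows(flows):
    """Return (flow, finding) pairs for flows that contradict the design."""
    findings = []
    for src, dst, port in flows:
        s, d = ip_address(src), ip_address(dst)
        flow = (src, dst, port)
        if d in AD_HOSTS and port in (LDAP, LDAPS):
            if not is_internal(s):
                # AD is meant to be reachable only from inside the boundary.
                findings.append((flow, "AD reachable from outside the data center"))
            elif port == LDAP:
                # Port 389 without StartTLS exposes simple-bind credentials.
                findings.append((flow, "plaintext LDAP port; confirm StartTLS or use LDAPS"))
        elif s == EKOADC and not is_internal(d) and port != HTTPS:
            findings.append((flow, "connector-to-cloud traffic is not HTTPS"))
    return findings

# Constructed sample flows: (source, destination, destination port)
SAMPLE_FLOWS = [
    ("10.20.5.20", "10.20.1.10", 636),    # EkoADC -> AD over LDAPS: expected
    ("10.20.5.20", "203.0.113.50", 443),  # EkoADC -> cloud over HTTPS: expected
    ("10.20.5.20", "10.20.1.10", 389),    # EkoADC -> AD over LDAP
    ("203.0.113.50", "10.20.1.10", 636),  # external host -> AD directly
    ("10.20.5.20", "203.0.113.50", 80),   # EkoADC -> cloud over HTTP
]

if __name__ == "__main__":
    for flow, finding in audit_flows(SAMPLE_FLOWS):
        print(flow, "->", finding)
```

Feeding it flow records exported from a firewall or flow collector gives a quick check that the connector is the only path between the cloud and the directory.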