Alternative to Active Directory / out-of-the-box central authentication with Linux?
Our company has decided to at least seriously investigate moving away from Windows due to nightmares with Vista and Active Directory. The only applications the machines need to be able to run are Firefox and Thunderbird.
What we need is:
- A central server, running Linux or BSD
- Other machines connect and authenticate to central server
- Simple file sharing between other machines and server
Basically, a really simple version of Active Directory, all we need that main server for is centralized authentication.
Is there a distribution of Linux/BSD that is ready to do this out of the box with minimal configuration? We don't want to spend 6 months getting everything installed and ready, I need it to just work. Does it exist?
OpenLDAP is what you need. It is available as a package for Debian, Fedora, Ubuntu and other distros. For file and print services, you can install Samba (also available as a package).
Commercial solutions include Novell eDirectory.
You can also have a look at Fedora Directory Server and Apache Directory Server.
Thanks, that's a start.
What am I looking at for complexity of setting up an OpenLDAP server *AND* getting other machines to connect and authenticate to it?
If I install the OpenLDAP package, is most of the configuration straight-forward? How about for the other machines, is it straightforward to get SUSE or another distribution to connect and authenticate?
SuSE has a YaST2 configuration item for configuring ldap. It also has a selection on the client computer (suse 10.3 again) to authenticate using different sources including samba, ldap, AD, etc. I don't know how much the wizard will set up for you on the server side. It may depend on whether you plan to replace or migrate.
There are three books that come with the samba-doc package. Samba-3 by example, Samba 3 - Howto and Reference Guide and Using Samba that deal with ldap. The Howto and Reference Guide has a migration section that might be useful. The Samba 3 by Example book has more step by step examples, but part of it may be performed by the wizard.
This IBM Redbook may be useful:
Also read the Documentation in the SuSE manual. The SuSE wiki might be useful as well.
I just looked in YaST and didn't see an LDAP server wizard. It could be because I don't have LDAP installed.
Here is a two-part SuSE ldap primer:
It runs through configuring a SuSE server with Linux and Windows XP clients as well as using LDAP with Thunderbird.
I didn't have the yast2-ldap-server package installed.
You might want to try looking for some VMs that are already configured with OpenLDAP, if you have a virtual server.
I've set some stuff up that way and it is a lot easier.
|All times are GMT -5. The time now is 04:41 AM.|