How Linux Beats Windows in ID Management Ease

← Back to Stories (view on slashdot.org)

How Linux Beats Windows in ID Management Ease

Posted by CmdrTaco on Wednesday July 13, 2005 @05:08AM from the what's-my-name-again dept.

Amy Kucharik writes "Fed up with Windows systems management? A Linux conversion may be your ticket away from the daily hassles of managing and licensing domain controllers and related software devices. In this tip, Paul Murphy discusses the evolution of LDAP and how using it, along with Linux, can make an administrator's job easier."

7 of 286 comments (clear)

Min score:

Reason:

Sort:

Novell NSure by michael+path · 2005-07-13 05:23 · Score: 4, Informative

Sure, Linux is one way.

However, I'm very impressed by Novell NSure.

Do not overlook this product if you're looking for a solid LDAP based Identity Management solution.
eDirectory by malraid · 2005-07-13 05:25 · Score: 4, Informative

There's nothing better in ID management the eDirectory, either running on Linux, NetWare, or yes.... even Windows. MS always promises that the *next* Active Directory version will have the features that eDirectory had 15 years ago. True container based security and delegation, partitioning, replication, all with the greatest of use. Yes, it's more expensive that OpenLDAP, but WAY better.

--
please excuse my apathy
Article improperly credits Project Athena for PAM by Otterley · 2005-07-13 05:43 · Score: 4, Informative

The article incorrectly states that PAM (Pluggable Authentication Modules) came out of Project Athena.

However, it was actually invented by Sun, and was eventually adopted as RFC 86.0 by the Open Software Foundation in 1995.
Re:How's this different? by jacksonj04 · 2005-07-13 06:00 · Score: 4, Informative

One is free, but needs a lot of implementation to get it to work.

One costs, but it's damn easy to use.

Personally, for mucking around improving skills I'd use the Linux/LDAP but as soon as you hit a corporate environment, Group Policy wins hands down for speed, integration and ease of use.

--
How many people can read hex if only you and dead people can read hex?
Re:My new GNU/Linux Distribution by Wylfing · 2005-07-13 06:45 · Score: 4, Informative

Just in case you missed the sarcasm, because you may have never tried to set up LDAP before, this is a reflection of what LDAP is like. It is not a product, it's a set of (impossibly arcane) tools with which you can create a product, over the course of several human lifetimes, that might have the same features as Active Directory. And it's got "Isla de Muerte" documentation -- nobody can understand it unless they already know how it works.

--
Our intelligent designer has never created an animal that we couldn't improve by strapping a bomb to it.
Re:Feature Request by schon · 2005-07-13 07:54 · Score: 4, Informative

For something more complex (like specifying unix UIDs, login shells, home directories, etc) you need to look at Microsoft Services for Unix (to extend the AD schema)

Which (in my experience) just tanks your AD server.

I've tried it twice, and both times turned my AD server into a doorstop - the AD service locks hard, and there's no way to bring it back.. which makes the entire machine useless (as you can't log in without AD running) - a reinstall was required to fix it.

And apparently I'm not the only one this has happened to.
Re:RDS questions by schon · 2005-07-13 08:03 · Score: 4, Informative

Is that open source?

Yes

The page makes it look like it isn't.

You're correct, RH's page is pretty misleading (maybe because they want you to buy a support contract from them?) - I had to hunt around for quite awhile before I found the source.

Is this the reincarnation of Netscape Directory Server?

Yes, although it's now known as "Fedora Directory Server"

They have a wiki for the project here