Searching for a Directory Service Solution?

kumulan wonders: "I've got the responsibility to set up directory services as well as a messaging/groupware system for my organization of app. 100 employees spread out over three locations. We are a startup that is merging three existing smaller companies and, given the state of existing IS infrastructure at each of these locations, the decision has already been made that we are better off starting from scratch. It would be great to hear from Slashdot readers concerning which option is 'better' and why." "For me, the choices are stark and clear:

1. MS Exchange/Active Directory
2. A cobbled-together solution based as much as possible on OSS (as no direct equivalent exists).

For (2) we have evaluated, and are strongly considering, the following:

• Samba/OpenLDAP/Kerberos
• Bynari Insight Server for messaging/groupware.
• Nitrobit Group Policy for, you guessed it, group policy management.

Of course, Samba 4 will address some of this 'cobbling', but we can't wait for that."

Re:Easy.

[zulux]

if you've a crew of MCSEs on staff who've never touched Linux, it's going to be more expensive and a bigger hastle go the OSS route.

MS's newest/latest/greatest has a large learning curve as well. You old MCSE who knows Windows Domains will have just as much trouble learning Active Directory as he would have learning Samba 3.

I've trained MCSEs in open source technology - about 50% do just fine. The otheres were paper MCSEs and sucked at Windows too.

Another Consideration

[joelleo]

What exactly is the newly merged company doing? Is it supposed to be geeky-cool? Is it doing something totally unrelated to computers or technology? Is the IT infrastructure just a means to an end - users getting their work done?

If the company is trying to do something geeky-cool, you may be best served by using a "cobbled-together" open source architecture. It'll show your boy's and girl's prowess on the console and could be used as a Hercules-on-a-pedestal showcase for your talents.

On the other hand, in either of the other two cases, you're most likely going to be using MS on the desktop and your people aren't going to care that you've implemented OpenLDAP as long as their Word, Excel and Outlook work. In this situation, as has already been noted, you'd probably be best served by implementing Windows Server 2003 + Active Directory. An additional benefit is the expertise is relatively cheap and available, and may already be in-house with your amalgamated IT staff.

Good luck!

Easy: Novell

[ImaLamer]

Novell - well if you are a Novell shop, you will use NDS. You will use everything else Novell has. It is sort of like joining a secret cult.

Not true, you can use Novell's NDS (eDirectory, the LDAP server software) right on top of Linux, Unix, or Windows. The admin tools are almost all Java based or otherwise accessible so you aren't locked in there (clients and management tools for Linux, Unix and Windows). Novell can manage the rights, er permissions, er privileges for clients of any flavor (because a directory services solution is about managing the resources on the network) - and has less bloat and more security than Active Directory.

Novell is my choice hands down. It isn't the nightmare product it used to be. Quite flexable, scalable and for all intents and purposes "open". This product actually follows standards! In my experience it also prices cheaper for clients than Active Directory, although you never know because I'm sure it has changed.

The person who asked this question initially said that the only other option to Active Directory was A cobbled-together solution based as much as possible on OSS (as no direct equivalent exists)

This simply isn't true. There is eDirectory and it's better! (PDF) Wake up people! It's 2005 and there is a better option out there and to top it all off they are a Linux company too.