[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Alternative to OpenLDAP



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 2 Oct 2003, Yelich, Scott D. wrote:

> This might be off topic - but does anyone have any recommendations for a
> replacement/alternative for OpenLDAP that would provide a central
> *password* repository and preferably integrate into AD? Supported
> clients need to include most common OSes such as Solaris, Tru64, HP/UX,
> AIX, Redhat/Linux, OSX, etc.

If AD hosts must be able to authenticate to it then the decision is
already made:  Kerberos 5.  Unmodified AD clients understand nothing else,
with the exception of the proprietary downlevel NT authentication scheme.
I'm pretty sure that all of the OSes you mention can be configured to
authenticate against Kerberos.

OpenLDAP plays nicely with Kerberos, if you need directory services in
addition to authentication.

[snip]
> I keep hearing and seeing that everyone and their grandmother has
> LDAP/SSO working and I'm just wondering what people are using *other*
> than OpenLDAP (as this no longer appears a viable solution).

It would be interesting to know why you consider OpenLDAP no longer
viable in your application.  It might even help us provide answers which
you would find more useful.

- -- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/

iD8DBQE/gXT7s/NR4JuTKG8RAncAAJ44sXhX7kwpTU1eI19KsSpsE+KYTQCgqyMG
ISApSu92Oz6t1TmeRXqfSbY=
=TaiU
-----END PGP SIGNATURE-----