Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-04-06 Thread Morgan Blackthorne
On Mon, Mar 23, 2015 at 7:28 AM, Jonathan Billings wrote: > On Mon, Mar 23, 2015 at 07:39:12AM -0400, Jason Healy wrote: > > I’m looking to tap the collective wisdom for product selection > > advice and also recommendations for professional services for our > > environment. We’re looking to repl

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-04-06 Thread waz0wski
Another +1 for FreeIPA. It will be very helpful if you're familiar with SSL, LDAP, Kerberos, OS X authentication and account management in the case of needing to troubleshoot. I've migrated a small office (~100 OS X clients) from OpenDirectory to FreeIPA without too many headaches -- accounts wit

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-04-02 Thread Brad Bendily
Not sure of the cost, but maybe look at NetIQ/Novell's eDirectory. Their directory is solid and easily extensible. It's also standards-compliant LDAP. > On Mar 23, 2015, at 6:39 AM, Jason Healy wrote: > > Hello all, > > I’m looking to tap the collective wisdom for product selection advice an

Re: [lopsa-tech] Directory Server for Apple and Unix Environment [SEC=UNCLASSIFIED]

2015-03-23 Thread Robinson, Greg
think it's free as well. Greg. -----Original Message----- From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] On Behalf Of Jason Healy Sent: Tuesday, 24 March 2015 8:20 AM To: LOPSA Tech Subject: Re: [lopsa-tech] Directory Server for Apple and Unix Environment On Mar 23, 2

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Brian J. Atkisson
+1 for FreeIPA or Red Hat IdM (if you wanted the supported version). If you don't want the full-blown IPA product with Kerberos and PKI, you can use the 389 Directory Server. I've found it to have the best multi-master support of any of the options out there. Disclaimer: I do work with the

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Adam Tauno Williams
On Mon, 2015-03-23 at 17:49 -0400, Jason Healy wrote: > On Mar 23, 2015, at 12:35 PM, Gilbert Wilson wrote: > I am well aware of AD’s place, and we may well consider it on the > merits of it being so popular. However, we literally have no basis > for supporting Windows. All my AD DCs are LINUX

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Jonathan Billings
On Mar 23, 2015, at 5:49 PM, Jason Healy wrote: > Since AD (the protocol/concept) is so well-supported, we may put Samba at the > top of the list. We too tried it out right after 4 was released, but found > the documentation lacking. It’s been a couple years, so we can give it > another chance

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Jason Healy
On Mar 23, 2015, at 12:35 PM, Gilbert Wilson wrote: >> I'm amused everyone seems to be telling you to set up an AD >> infrastructure when you have absolutely no windows clients or >> servers. > > That’s because AD is a first tier directory server for OS X systems. > Arguably, at this point, App

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Edward Ned Harvey (lopser)
> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > On Behalf Of Jonathan Billings > > I'm amused everyone seems to be telling you to set up an AD > infrastructure when you have absolutely no windows clients or > servers. That's because AD is so popular and well known as

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Edward Ned Harvey (lopser)
> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > On Behalf Of Adam Tauno Williams > > +1 Samba4: Works great, easy to setup, lots of tools. And > documentation for Active Directory generally applies 99.44% so a low > obscurity factor. I have not personally had that g

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Tom Perrine
How about Identity as a Service, or cloud based auth? Some of them seem to offer pretty good onboarding/offboarding which I wish we had when I was at an EDU. No idea on costs, as we've not looked in that direction ourselves. Representative services might be Okta, Duo Security?, Ping Identity, et

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Gilbert Wilson
> On Mar 23, 2015, at 7:28 AM, Jonathan Billings wrote: > > On Mon, Mar 23, 2015 at 07:39:12AM -0400, Jason Healy wrote: >> I’m looking to tap the collective wisdom for product selection >> advice and also recommendations for professional services for our >> environment. We’re looking to replac

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Adam Tauno Williams
On Mon, 2015-03-23 at 07:39 -0400, Jason Healy wrote: > - We want to move away from Apple for auth > - We do NOT want to move to Windows AD > I’ve re-read the recent discussion from October 2014 about “AD for > Linux”, and it sounds like there are some good options out there. > I’ve got a short l

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Jonathan Billings
On Mon, Mar 23, 2015 at 07:39:12AM -0400, Jason Healy wrote: > I’m looking to tap the collective wisdom for product selection > advice and also recommendations for professional services for our > environment. We’re looking to replace our current authentication > system. We’re a K-12 that’s all-Ap

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Iain Morris
I have found the Mac AD client to actually work better with AD than Apple's own OD client ever did with their own OD servers. Hard to believe, but the simple solution here is really AD. Massive install base, huge user community, and very well documented. I'd take the MS technotes over wadi

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Edward Ned Harvey (lopser)
> From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] > On Behalf Of Jason Healy > > Apple (about 500 client machines). On the server side, we're a mix of OS X, > Linux, and BSDs. > > We currently run Apple's OpenDirectory (OD). We use it as the central auth > for wireless

Re: [lopsa-tech] Directory Server for Apple and Unix Environment

2015-03-23 Thread Brad Bendily
Resending this 'cause I forgot to use the correct outgoing addr. Not sure of the cost, but maybe look at NetIQ/Novell's eDirectory. Their directory is solid and easily extensible. It's also standards-compliant LDAP. On Mon, Mar 23, 2015 at 6:39 AM, Jason Healy wrote: > Hello all, > > I’m looking t