I have found the Mac AD client to actually work better with AD than their Apple's own OD client ever did with their own OD servers. Hard to believe, but the simple solution here is really AD. Massive install base, huge user community, and very well documented. I'd take the ms technotes over wading the samba listers any day if it's my job. But I'd like to see freeIPA grow more. I'd love to not support 2008r2 and 2012 anymore, but AD has worked well for me for the most clients the most times.
Iain On Monday, March 23, 2015, Brad Bendily <morbothegr...@gmail.com> wrote: > Resending this cause i forgot to use the correct outgoing addr. > > Not sure if the cost but maybe look at NetIQ/Novell's eDirectory. > Their directory is solid and easily extensible. It's also standards > compliant ldap. > > On Mon, Mar 23, 2015 at 6:39 AM, Jason Healy <jhe...@logn.net > <javascript:;>> wrote: > > Hello all, > > > > I’m looking to tap the collective wisdom for product selection advice > and also recommendations for professional services for our environment. > We’re looking to replace our current authentication system. We’re a K-12 > that’s all-Apple (about 500 client machines). On the server side, we’re a > mix of OS X, Linux, and BSDs. > > > > We currently run Apple’s OpenDirectory (OD). We use it as the central > auth for wireless (RADIUS), Apple-based logins (AFP, FileMaker), web > services (Apache LDAP auth), and server and bound-client logins. Let’s > assume for the moment (lest this thread get out of control) that: > > > > - We want to move away from Apple for auth > > - We do NOT want to move to Windows AD > > > > I’ve re-read the recent discussion from October 2014 about “AD for > Linux”, and it sounds like there are some good options out there. I’ve got > a short list of: > > > > - Samba 4 > > - FreeIPA > > - Apache DS > > > > I’m looking for: > > > > 1) Any other projects I should take a look at for central auth. > > > > 2) Recommendations for companies that will consult and help us design, > build, deploy, and document a functioning central auth system using one of > these technologies. > > > > We love figuring stuff out for ourselves, but I’m behind on some > projects and this seems like something that we could get some help on > rather than mucking about on our own. I know of a couple open-source > consulting firms by reputation, but would love to hear of others. We’re > near Hartford CT / Springfield MA if we’re talking about local shops. > > > > Thanks in advance for any advice, > > > > Jason > > _______________________________________________ > > Tech mailing list > > Tech@lists.lopsa.org <javascript:;> > > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > > This list provided by the League of Professional System Administrators > > http://lopsa.org/ > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org <javascript:;> > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ > -- -- - Iain Morris iain.t.mor...@gmail.com
_______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
