+1 for FreeIPA or Red Hat IdM (if you wanted the supported version). If you don't want the full blown IPA product with Kerberos and PKI, you can use the 389 Directory Server. I've found it to have the best multi-master support of any of the options out there.
Disclaimer: I do work with with the 389 DS developers on occasion and run a large 389/RHDS cluster. Cheers, Brian On 3/23/15 7:39 AM, Jason Healy wrote: > Hello all, > > I’m looking to tap the collective wisdom for product selection > advice and also recommendations for professional services for our > environment. We’re looking to replace our current authentication > system. We’re a K-12 that’s all-Apple (about 500 client machines). > On the server side, we’re a mix of OS X, Linux, and BSDs. > > We currently run Apple’s OpenDirectory (OD). We use it as the > central auth for wireless (RADIUS), Apple-based logins (AFP, > FileMaker), web services (Apache LDAP auth), and server and > bound-client logins. Let’s assume for the moment (lest this thread > get out of control) that: > > - We want to move away from Apple for auth - We do NOT want to move > to Windows AD > > I’ve re-read the recent discussion from October 2014 about “AD for > Linux”, and it sounds like there are some good options out there. > I’ve got a short list of: > > - Samba 4 - FreeIPA - Apache DS > > I’m looking for: > > 1) Any other projects I should take a look at for central auth. > > 2) Recommendations for companies that will consult and help us > design, build, deploy, and document a functioning central auth > system using one of these technologies. > > We love figuring stuff out for ourselves, but I’m behind on some > projects and this seems like something that we could get some help > on rather than mucking about on our own. I know of a couple > open-source consulting firms by reputation, but would love to hear > of others. We’re near Hartford CT / Springfield MA if we’re > talking about local shops. > > Thanks in advance for any advice, > > Jason _______________________________________________ Tech mailing > list Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list > provided by the League of Professional System Administrators > http://lopsa.org/ > _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
