[CentOS] which ldap do you like
Rainer Duffner
rainer at ultra-secure.de
Fri Sep 11 22:57:05 UTC 2009
Am 12.09.2009 um 00:43 schrieb Johnny Hughes:
> On 09/11/2009 11:46 AM, Gregory P. Ennis wrote:
>> To All,
>>
>> I am going to try my hand at setting up an ldap server. I have
>> looked
>> at what is available and would like to ask your opinions as to what
>> is a
>> good one to have.
>>
>> openldap, centos-ds, and freeipa seem to be high on everyone's list.
>> Which one do you like, and does it have a good setup tutorial I could
>> use. So far the tutorials I have looked at seem out of sync with the
>> curent versions of ldap servers.
>
> We currently use openldap/samba for our directory services.
>
> It uses the older NT type (or mixed mode) authentication, but so far
> almost anything that requires windows authentication works fine.
>
> The CentOS DS is likely better, and certainly supports more Active
> Directory things ... and we might well use it as a replacement for
> openldap/samba.
>
> I am also using smbldap-tools from here:
>
> https://gna.org/projects/smbldap-tools/
This may really be the fault of the underlying SMB-protocol, but for
me, every implementation of LDAP+Samba that I have seen has "HACK!"
written in big bold letters all over it.
FreeIPA is really cool.
It solves the problem that most LDAP-implementations have: the
password is in the directory.
FreeIPA integrates LDAP and Kerberos the way Windows AD does it for
Windows - but this time for Unix.
Unfortunately, its development wasn't that active over the last year.
From the mailinglist-archives, it seems they want to release
something towards the end of the year (and finally update the web-
page...)
Rainer
More information about the CentOS
mailing list