On Thu, 2005-12-01 at 20:33 -0700, Craig White wrote:
On Thu, 2005-12-01 at 16:38 -0800, Bryan J. Smith wrote:
"William (Bill) E. T." wtriest@chemistry.ohio-state.edu wrote:
One of our strategic goals for this year is to switch from NIS to LDAP (which hasn't happened so far due to some
ancient
Unix boxes). Which should I investigate first OpenLDAP or
FDS?
Can some one point me to pro's and cons? (links very much appreciated)
FDS is NsDS, which has been a _long_time_ and is well trusted. It's synchronization with ADS is much, much better, and removes the need to deal with a set of "glue together" services just to get such. The included certificate server is a nice touch, although being truly open, you can still use Kerberos and other authentication systems as well.
But probably the biggest boost to why NsDS is more viable for most enterprises than OpenLDAP is Red Hat's license of it. Red Hat really tried to make OpenLDAP work in its enterprise services model, but in the end, it was well worth their bother to pay $20M to open source NsDS. Red Hat is behind it 100%, and that includes charging $15,000/server for what is free in the same FDS you can download.
OK - I'm intrigued...I just signed up for their mail list to see what the questions/problems are.
I think FDS (RH Directory Services) will certainly be the answer in the long run ... at least for PNAELV source based distros like CentOS. We will provide it once it is released by the upstream vendor in it's final form for the enterprise. For now, OpenLDAP works OK ... as least for me.