Am 12.09.2009 um 00:43 schrieb Johnny Hughes:
On 09/11/2009 11:46 AM, Gregory P. Ennis wrote:
To All,
I am going to try my hand at setting up an ldap server. I have looked at what is available and would like to ask your opinions as to what is a good one to have.
openldap, centos-ds, and freeipa seem to be high on everyone's list. Which one do you like, and does it have a good setup tutorial I could use. So far the tutorials I have looked at seem out of sync with the curent versions of ldap servers.
We currently use openldap/samba for our directory services.
It uses the older NT type (or mixed mode) authentication, but so far almost anything that requires windows authentication works fine.
The CentOS DS is likely better, and certainly supports more Active Directory things ... and we might well use it as a replacement for openldap/samba.
I am also using smbldap-tools from here:
This may really be the fault of the underlying SMB-protocol, but for me, every implementation of LDAP+Samba that I have seen has "HACK!" written in big bold letters all over it.
FreeIPA is really cool. It solves the problem that most LDAP-implementations have: the password is in the directory. FreeIPA integrates LDAP and Kerberos the way Windows AD does it for Windows - but this time for Unix.
Unfortunately, its development wasn't that active over the last year.
From the mailinglist-archives, it seems they want to release something towards the end of the year (and finally update the web- page...)
Rainer