On Sat, 2010-10-02 at 21:52 -0700, Iain Morris wrote:
>
>
> On Sat, Oct 2, 2010 at 7:29 PM, Craig White <craigwhite@xxxxxxxxxxx>
> wrote:
>
>
> ----
> This discussion completely ignores the fact that user
> authentication is
> just one of the many things LDAP does. If all you are going to
> do with
> LDAP is simple user & group management then you have a lack of
> imagination.
>
>
>
> Not to stray much further off the subject, nor defend AD much further
> on the CentOS list, but AD does a lot more than user/group auth. In
> fact it does everything in your list (DNS, mail access lists, etc),
> and quite a bit more out of the box.
>
>
> Apple's Open Directory is a nice start, but pretty far behind in the
> race. In fact if I had a 1000 Mac installation, I'd rather build an
> AD domain and extend the schema to include the Apple attributes and
> use WG Manager for the Macs. I honestly believe Apple has put more
> engineering time into their AD plugin than their OD native interface.
>
> Believe me I'm no Microsoft enthusiast, but AD is a capable and mature
> product for the job. Obviously for maximum flexibility stock MIT
> Kerberos and OpenLDAP win, but I think I'd be wasting a lot of time
> using them bare-bones when administrating a large multi-site
> organization. Open-source is free, but it's definitely not free once
> you start spending your evenings combing mailing lists and debugging
> fringe issues that keep your business from meeting its goals.
----
AD yes, LDAP no
You have to go to different tools for everything...
Mail (routing/aliases) - Exchange
DNS - Their DNS tool
I have no problem using OpenLDAP to setup/configure not only users but
also automounts for Linux/Macintosh users, central user/group
authentication and even share the home directories across the board
(Linux/Macintosh/Windows users so regardless of which system they use,
they have access to their same files). You aren't going to get that done
with Active Directory tools.
Active Directory provides a fairly decent configuration tool set for the
unimaginative administrator who wants to do everything the Microsoft way
but try extending AD's LDAP. If I had a large multi-site organization,
the last tool I would use is AD.
Craig
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
