Re: [389-users] Advantage to synching with AD?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



2010/3/5 Dumbo Q <dumboq@xxxxxxxxx>:
> I'm linux guy, and if it were up to me windows would not be in my server
> environment.  However I am in a mixed environment where All windows servers
> use AD for authentication, and linux servers have no authentication setup.
>
> My first thought is to use rhds or 389 to sync with AD.  After stewing on
> this for a little bit, I wonder is there any benefit that I will be gaining
> by doing this.
>
> Does anyone have experience and can say why I should do this rather then
> just authenticate to AD?  Again I'd prefer linux, but I prefer not
> over-complicating core infrastructure more.

I suppose it depends on your AD server. If they can add the
appropriate schemas to seamlessly integrate your systems, and there
are no issues with appropriate authorization and duties, then there is
a case for authenticating directly to AD. An upside if you have a lot
of end users is that your support infrastructure might not have to
deal with password resets and account creation/modification.

On the other hand, if the Linux servers are critical to the business,
you can make a case that if the AD domain goes down, a proxy Linux
LDAP can ensure that at least the Linux systems have no outage (with
appropriate caching, etc.). You also maintain a bit more control over
the auth setup.
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users


[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux