Monday, March 26, 2007

Ubuntu and the Enterprise Directory

One of the Google Summer of Code projects for Ubuntu is "LDAP Out-of-the-box" ( - something that we are busy addressing within Impi Linux at the moment.

After a cursory investigation I have come to belief that unfortunately not much has changed in the last 4 years regarding Linux and something like an Enterprise Directory.

What do I mean by an Enterprise Directory?
- A product like Microsoft Active Directory ( and Novell eDirectory ( built from FLOSS

The challenges?
- Just as far as Kerberos is concerned here is a preview...
  1. Currently neither Heimdal or MIT Kerberos can be found in the stable Dapper repositories (only in Universe).
  2. A sane default configuration has to the developed and packaged for easy installation.
  3. Bootstrap processes need to be developed to get the system up and running.
  4. Clients have to recompiled/patches/fixed to support SSO via Kerberos
  5. The client OS has to be "kerberized" (pam support for kerberos logon, changing of passwords, password policies...)
Then there's LDAP, Samba, Cups, DNS, etc, etc.

No wonder the state has not changed much in the last 4 years...

No comments: