I plan to implement a common authentication and authorization system
for several Linux applications. My research has redirected me to
FreeIPA, and I am happy to know about such a good project.
However, I don't have any purpose of managing non-Windows computers and
users. This is a one gateway box, single machine system.
My planned system has several services. Some examples that would use that AA
system are: xl2tpd, pptpd, openvpn, squid and some custom made web
I need the following functions for those services and applications:
- User authentication
- User roles and authorization (vpnuser, manager, webuser...)
- User, role and credentials management (creating users by admin,
password changes by users,...)
- AD and RADIUS sync or proxying AA.
The services can be connected to the AA system through an
authenticator system binary. Binary is called with user credentials
and service requesting AA; and results in grant or reject. System
services may use this binary for checking authentication and
Do you think FreeIPA is a good choice? What would you suggest, otherwise?
Freeipa-users mailing list