You've already got AD, so you could use VAS (http://vintela.com) for your Unix and Linux systems, VSJ for the J2EE app servers. Best practice now days is to standardize on a primary identity store for as many platforms as possible. Unix, Linux, j2ee and Windows systems can all use AD with a few add-on products out there. The fewer directories the fewer identities the fewer issues the fewer audit failures = less admin costs more ROI. Anything that is legacy that you can't get working with kerberos/AD you can take a metadirectory solution like MIIS and synchronize.
Kyle .===================================. | This has been a P.L.U.G. mailing. | | Don't Fear the Penguin. | | IRC: #utah at irc.freenode.net | `==================================='
