On Thu, 2009-12-10 at 22:01 -0700, Yves Dorfsman wrote: > Richard Chycoski wrote: > > AD is solid, scalable, and well supported. There *are* some gotchas if > > you are looking for 100% LDAP compatibility, but for authc/authz (login, > > groups, etc.) nothing else performs quite as well. (I do hope that Open > > LDAP catches up!) > What is the advantage of going ldap against AD vs. using kerberos ?
AD is Kerberos. LDAP and Kerberbos are not the same thing (identification vs. authorization). You need LDAP + Kerberos or you need AD. AD provides a lot of management tools and a policy infrastructure. LDAP + Kerberos is very much hoe-your-own-row. We are an OpenLDAP + Kerberos shop with a Samba PDC using the LDAP SAM. Very much looking forward to Samba 4 which provides AD services. -- OpenGroupware developer: [email protected] <http://whitemiceconsulting.blogspot.com/> OpenGroupare & Cyrus IMAPd documenation @ <http://docs.opengroupware.org/Members/whitemice/wmogag/file_view> _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
