Aye there's too much marketing messing up reality you're right. Forgive me for not seeing Emmanuel's posts earlier.
Alex On Jan 23, 2008 1:22 PM, Denis Cardon <[EMAIL PROTECTED]> wrote: > Hi Alex, > > > Forgive me for correcting you here but ApacheDS has a DNS and Kerberos > > service embedded inside. ApacheDS is not only an LDAP server. > > thanks for the input, Emmanuel already briefed me on that and I expect > to roll out a test bench once I manage to get a few hours off. > > > Also MS ActiveDirectory as a process just services LDAP requests (not > fully > > compliant but it works). Another separate process actually handles the > > Kerberos requests as the AS and TGTS. Also the DNS service is a > different > > service as well. So no MS ActiveDirectory is not all these things in > one. > > Actually it is just a war of words. On its web site MS says (among other > things :-) "Active Directory provides: (...) Information security and > single sign-on for user access to network resources". So I guess > Kerberos is considered part of ActiveDS (I also doubled checked with > some MCSE people about this wording). Ref : > > http://technet2.microsoft.com/WindowsServer/en/library/6f8a7c80-45fc-4916-80d9-16e6d46241f91033.mspx?mfr=true > > Granted I've not checked at the process level though to see how they > named all that stuff :-) > > > I think you might have been referring to a Windows 200X Server being > > replaced by the components you listed? > > In my daily business I carry out migration to FOSS systems (both servers > and desktop/thin clients). Currently one of the unremoveble piece of > software in a Windows environnement is the Domain Controler (unless it > is NT4 based, which is still quite common in French SMBs). > > Many people asume that, because FOSS world provide first grade ldap > servers, it may be possible to replace an ActiveDS. I just wanted to > underline that it is not that simple... > > > I may be wrong though hopefully someone can clarify. > > I hope I did clarify my former statement :-) > > Cheers, > > Denis > > > > > Regards, > > Alex > > > > > > On Jan 23, 2008 4:42 AM, Denis Cardon < > [EMAIL PROTECTED]> > > wrote: > > > >> Hi Ossi, > >> > >>> 1) we currently use ADS for experiments, we plan to replace MS Active > >>> Directory Server with a more open LDAP Server > >> actually Active Directory is more than just a ldap server. It bundles a > >> customified ldap server, a kerberos server, a dns server, and some ms > >> rpc stuff. So apache directory server could not, by itself stands for > an > >> active directory replacement (unless the only thing you need is the > ldap > >> part). > >> > >> Open source projects are getting close to a replacement of ActiveDS, > and > >> bundling ApacheDS + Samba4alpha3 + Bind/sdb_ldap should almost do the > >> trick, however it is not yet very polished and might need some > twicking. > >> > >> Cheers, > >> > >> Denis > >> > >> > >>> 2) pros: open source, certified, stable, java > >>> cons: documentation is not foolproof. in our company there > >>> is no ldap specialist, only basic knowledge is there. > >>> when we tried to synchronize MS Active Directory with > >>> ADS the docs where too confusing (for us fools) > >>> > >>> documentation could show more examples > >>> > >>> 3) dont eve know what i could do already. as with 2: we > >>> need to sync different user stores into one directory > >>> (LDAP, from MySql DB, from Oracle DB) and then > >>> replicate / mirror this one > >>> > >>> i ve seen such features with penrose ldap solution > >>> but i have not done an evaluation yet > >>> > >>> 4) we are commercial, selling a java framework (rcp, webapps) > >>> currently the plan is to use ADS for inhouse administration > >>> and later integrate it into the our secure-server > >>> > >>> 5) just go on please :) > >>> > >>> > >>> regards > >>> > >>> ossi > >>> > >>> > >>> > >>> Emmanuel Lecharny schrieb: > >>>> Hi ! > >>>> > >>>> This is the very beginning of 2008, and we are all working hard to > get > >> a > >>>> 2.0 out in the next few months. At this point, we think it's a good > >>>> timing to get some feedback from you, users and developpers ! Here is > a > >>>> short list of question you may answer, but this is very up to you. We > >>>> don't need names ( "I'm working for company XYZ" ), this is just > >>>> informational. > >>>> > >>>> *Keep in mind that those informations will appear on the > >>>> Apache ML and many other, so if you think that any confidential piece > >> of > >>>> it should not be disclose, then don't answer !* > >>>> > >>>> 1) What are you using ADS for ? Is it in production, used to do some > >>>> tests during developpement, or simply as a toy ? > >>>> > >>>> 2) What are the Pros and Cons you clearly see ? > >>>> > >>>> 3) What would be the major features or improvement you are expecting > to > >>>> see in the near future ? > >>>> > >>>> 4) Are you a commercial entity, an non-for profit organization, an > >>>> Apache project, a student or an individual just interested in the > >> techno > >>>> ? (no name needed) > >>>> > >>>> 5) Any other opinion or feedback you would like to share with us ? > >>>> > >>>> Thank you all for helping us being more aware ! > >>>> > >> > >> -- > >> Denis Cardon > >> Tranquil IT Systems > >> 44 bvd des pas enchantés > >> 44230 Saint Sébastien sur Loire > >> tel : +33 (0) 2.40.97.62.67 > >> http://www.tranquil-it-systems.fr > >> > >> > >> > > > > > -- > Denis Cardon > Tranquil IT Systems > 44 bvd des pas enchantés > 44230 Saint Sébastien sur Loire > tel : +33 (0) 2.40.97.62.67 > http://www.tranquil-it-systems.fr > > >
