* A Standardized Open Source Network Authentication System
posted by Van Emery on Mon 26th Apr 2004 06:24 UTC
"FOSS Authentication System, Page 3/3"
Conclusion

If IT managers could add any Unix-like OS to the network with no authentication interoperability worries, then enterprise adoption of non-Microsoft platforms would accelerate.

Concerning the relative importance of this task in the hierarchy of open source projects:

  • It is more important than new wireless card drivers
  • It is more important than adding IPv7 support to the Linux kernel
  • It is more important than supporting 256 CPUs
  • It is more important than 3D video support or gee-whiz sound

Successful completion of a project like OpenDAS would push open source into the enterprise and the data center faster than many of the other projects that are being funded and pursued.

In short, centralized authentication and naming would become standardized, commoditized, and ubiquitous. This might be bad news for Microsoft and Novell, but everyone else would benefit.

The open source community has pulled together on many projects and standards. This particular challenge: developing, standardizing, promoting, and commoditizing an open source network authentication system, is both possible and practical to pursue.

This is a worthy goal. Let us join forces to accomplish it.

Links and References

Apple
OS X Server ships with OpenDirectory, which uses OpenLDAP and Kerberos 5. The server can also be configured to authenticate to other systems, such as NIS, eDirectory, and Active Directory. Regular OS X machines ship with MIT Kerberos, kerberized applications, and LDAP support.

Sun
Included with Solaris 9 and Solaris 10:
Kerberos 5 KDC
Sun One Directory Server
LDAP Support in Solaris Management Console
Secure LDAP Client
Solaris 9 Security Features
Solaris 9 Manageability Features

Novell
Novell's eDirectory uses LDAP and works with Linux, Windows, Solaris, AIX, NetWare and HP-UX.

Open Group
The Open Group's DCE utilizes LDAP and Kerberos.

OpenLDAP
http://www.openldap.org/

MIT Kerberos 5
http://web.mit.edu/kerberos/www/

Heimdal Kerberos 5
http://www.pdc.kth.se/heimdal/

Pluggable Authentication Modules (PAM)
http://www.kernel.org/pub/linux/libs/pam/

About the Author:
Van Emery is a data Network Engineer/System Administrator. Currently he is working as a system administrator at Academia Sinica in Taipei, Taiwan. His homepage is here.

Table of contents
  1. "FOSS Authentication System, Page 1/3"
  2. "FOSS Authentication System, Page 2/3"
  3. "FOSS Authentication System, Page 3/3"
e p (0)    75 Comment(s)

Related Articles

* Major Scammer/Spammer Now Offline
posted by David Adams on Thu 13th Nov 2008 16:02
* Good Code, Bad Computations: a Computer Security Gray Area
posted by Thom Holwerda on Mon 10th Nov 2008 08:31, submitted by irbis
* SELinux and Security Changes in the 2.6.27 Linux
posted by Rahul on Mon 13th Oct 2008 21:49