Ubuntu Domain Server

[Steven Susbauer]

On Oct 21, 2009, at 10:56 PM, Christopher Chan wrote:

> Ryan Dwyer wrote:
>>
>> It doesn't matter how much work is involved. Do you think the
>> Linux/Ubuntu community would be willing to change the way system
>> logons work if it meant bug #1 could be completed?
>
> Let us see. To change the way system logons work would mean changing
> pam, the C library and just about anything that has to do with system
> accounts. You are welcome to try to convince the Ubuntu community to
> maintain a fork of all these essential system libraries and offer some
> form of backwards compatibility to avoid having to also modify who  
> knows
> how many other packages like sendmail, apache, bind, ..., ..., ...,
> everything. Mac OS X, a certified UNIX system as of Snow Leopard, is
> enjoying a measure of success without having to become Windows like.  
> You
> are barking up the wrong tree here.
>

Note that OS X (that UNIX certified system) has completely changed how  
system logons work. User accounts (and a ton of other things) are  
managed through the Open Directory service even on the local machine.  
The plus of this is it is also highly compatible with external  
directory services. It takes three or four clicks of a mouse to  
configure the system to use a domain server and authenticate domain  
users against a centralized system. Their system is both compatible  
with traditional UID/GID, and also allows for separation of local  
machine and domain accounts.

I am not extremely familiar with the intricacies of the OS X Open  
Directory system and know that they have put in the work to make it  
work well and be compatible. It is not impossible and certainly worth  
considering before writing it off. Of course it may be that it is too  
much work to implement something similar.