Ubuntu Domain Server
Chan Chung Hang Christopher
christopher.chan at bradbury.edu.hk
Thu Oct 22 14:29:00 UTC 2009
Steven Susbauer wrote:
>
> On Oct 22, 2009, at 2:56 AM, Christopher Chan wrote:
>
>> Steven Susbauer wrote:
>>>
>>> On Oct 21, 2009, at 10:56 PM, Christopher Chan wrote:
>>>
>>>> Ryan Dwyer wrote:
>>>>>
>>>>> It doesn't matter how much work is involved. Do you think the
>>>>> Linux/Ubuntu community would be willing to change the way system
>>>>> logons work if it meant bug #1 could be completed?
>>>>
>>>> Let us see. To change the way system logons work would mean changing
>>>> pam, the C library and just about anything that has to do with system
>>>> accounts. You are welcome to try to convince the Ubuntu community to
>>>> maintain a fork of all these essential system libraries and offer some
>>>> form of backwards compatibility to avoid having to also modify who
>>>> knows
>>>> how many other packages like sendmail, apache, bind, ..., ..., ...,
>>>> everything. Mac OS X, a certified UNIX system as of Snow Leopard, is
>>>> enjoying a measure of success without having to become Windows
>>>> like. You
>>>> are barking up the wrong tree here.
>>>>
>>>
>>> Note that OS X (that UNIX certified system) has completely changed
>>> how system logons work. User accounts (and a ton of other things)
>>> are managed through the Open Directory service even on the local
>>> machine. The plus of this is it is also highly compatible with
>>> external directory services. It takes three or four clicks of a
>>> mouse to configure the system to use a domain server and
>>> authenticate domain users against a centralized system. Their system
>>> is both compatible with traditional UID/GID, and also allows for
>>> separation of local machine and domain accounts.
>>>
>>> I am not extremely familiar with the intricacies of the OS X Open
>>> Directory system and know that they have put in the work to make it
>>> work well and be compatible. It is not impossible and certainly
>>> worth considering before writing it off. Of course it may be that it
>>> is too much work to implement something similar.
>>
>> OH? Now this is interesting. I wonder if it is present in Darwin
>> where we can have a look at it.
>
> It is indeed.
>
> See: http://developer.apple.com/opensource/dirservices/ as well as
> http://developer.apple.com/mac/library/documentation/Networking/Reference/DirectoryServiceFramework/index.html
>
>
> Both the Directory Service and OpenDirectory server are on their open
> source download page and are APSL.
Both those links seem to be about how to access a directory...not about
how they use the information from the directories. Definitely nothing
about having a system where there is a 'local' vs 'domain' accounts.
More information about the Ubuntu-devel-discuss
mailing list