Ubuntu Domain Server

Chan Chung Hang Christopher christopher.chan at bradbury.edu.hk
Thu Oct 22 14:29:00 UTC 2009 

Steven Susbauer wrote:
>
> On Oct 22, 2009, at 2:56 AM, Christopher Chan wrote:
>
>> Steven Susbauer wrote:
>>>
>>> On Oct 21, 2009, at 10:56 PM, Christopher Chan wrote:
>>>
>>>> Ryan Dwyer wrote:
>>>>>
>>>>> It doesn't matter how much work is involved. Do you think the
>>>>> Linux/Ubuntu community would be willing to change the way system
>>>>> logons work if it meant bug #1 could be completed?
>>>>
>>>> Let us see. To change the way system logons work would mean changing
>>>> pam, the C library and just about anything that has to do with system
>>>> accounts. You are welcome to try to convince the Ubuntu community to
>>>> maintain a fork of all these essential system libraries and offer some
>>>> form of backwards compatibility to avoid having to also modify who 
>>>> knows
>>>> how many other packages like sendmail, apache, bind, ..., ..., ...,
>>>> everything. Mac OS X, a certified UNIX system as of Snow Leopard, is
>>>> enjoying a measure of success without having to become Windows 
>>>> like. You
>>>> are barking up the wrong tree here.
>>>>
>>>
>>> Note that OS X (that UNIX certified system) has completely changed 
>>> how system logons work. User accounts (and a ton of other things) 
>>> are managed through the Open Directory service even on the local 
>>> machine. The plus of this is it is also highly compatible with 
>>> external directory services. It takes three or four clicks of a 
>>> mouse to configure the system to use a domain server and 
>>> authenticate domain users against a centralized system. Their system 
>>> is both compatible with traditional UID/GID, and also allows for 
>>> separation of local machine and domain accounts.
>>>
>>> I am not extremely familiar with the intricacies of the OS X Open 
>>> Directory system and know that they have put in the work to make it 
>>> work well and be compatible. It is not impossible and certainly 
>>> worth considering before writing it off. Of course it may be that it 
>>> is too much work to implement something similar.
>>
>> OH? Now this is interesting. I wonder if it is present in Darwin 
>> where we can have a look at it.
>
> It is indeed.
>
> See: http://developer.apple.com/opensource/dirservices/ as well as 
> http://developer.apple.com/mac/library/documentation/Networking/Reference/DirectoryServiceFramework/index.html 
>
>
> Both the Directory Service and OpenDirectory server are on their open 
> source download page and are APSL.

Both those links seem to be about how to access a directory...not about 
how they use the information from the directories. Definitely nothing 
about having a system where there is a 'local' vs 'domain' accounts.

More information about the Ubuntu-devel-discuss mailing list