As mentioned in my previous post there are multiple ways to connect a Linux system to Active Directory (AD) directly. With this in mind, let us review the following list of options…
- The legacy integration option: this is a solution where (likely older) native Linux tools are used to connect to an LDAP server of your choice (e.g. AD).
- The traditional integration option: this is a solution based on Samba winbind.
- The third-party integration option: this is a solution based on (proprietary) commercial software.
- The contemporary integration option: this is a solution based on SSSD.
Legacy Integration Option
In the case of the legacy integration option (see figure above), a Linux system is connected to AD using LDAP for identity lookup and LDAP or Kerberos for authentication. It pretty much solves the problem of basic user authentication. That said, such a solution has the following significant limitations:
Continue reading “Overview of Direct Integration Options”
Have you ever purchased a new dishwasher? For those of you who have, you know that the dishes don’t get washed until your “purchase” is picked-up/delivered, the old dishwasher is removed, and the new unit is hooked-up. In fact, until the new dishwasher is hooked-up, it simply doesn’t work. The dishwasher can be smart, stylish, noiseless, and/or energy-efficient… but none of this matters if it’s not properly connected. At the end of the day, if you want to enjoy the luxury of automatic dish washing, one thing is clear: your new dishwasher needs to be hooked-up.
The act of hooking-up a dishwasher is not unlike adding a Linux system to an existing enterprise IT environment. When you deploy a Linux system, it too needs to be “hooked-up”. As the data that flows through your environment consists of different kinds of objects (e.g. users, groups, hosts, and services) the associated identity information is not unlike the water in your dishwasher. Without this identity information
Continue reading “An Introduction to Interoperability Challenges in the Modern Enterprise”
Six months ago we announced the beta availability of Red Hat Enterprise Linux 7. Two months ago, at Red Hat Summit 2014, we announced the availability of a release candidate for Red Hat Enterprise Linux 7. All the while we have been validating what’s new, different, and exciting about what Red Hat Enterprise Linux 7 has to offer – including:
Today we are pleased to announce the general availability of Red Hat Enterprise Linux 7, the latest major release of our flagship platform. As stated in this morning’s press release:
Continue reading “Red Hat Unveils Red Hat Enterprise Linux 7”
It seems that the daily news is full of the fallout that results when companies fail to protect online identities. The ability to limit access to sensitive applications and information to the right people with the right credentials is critical to ensuring the overall security of your infrastructure; critical… but not always easy.
Until recently, options for centralized identity management for the Linux environment were limited. There was no turnkey domain controller-like solution for the Linux/UNIX environment. Some Linux shops integrated open source tools like Kerberos and DNS to create centralized Linux-based identity management, but this option could be time-consuming to develop and expensive to maintain. Others integrated Linux clients directly into Microsoft Active Directory, but this option limited their ability to take advantage of some useful native Linux functionality like sudo and automount.
Continue reading “Who Goes There? Identity Management in Red Hat Enterprise Linux 7 Beta”