On Tue, 2011-05-10 at 23:42 +0200, Sigbjorn Lie wrote: > Hi, > > I would like to see the ipa client scripts and possibly the admin tools > in a nice Solaris package. This would make my job a lot easier as we > have a lot of customers running Solaris. :) > > For the server part I agree with you, keep it at RHEL. > > SSSD @ Solaris / HP-UX / AIX ... well there isn't much (if any) of the > UNIX vendors selling their iron as client machines anymore. And I don't > see a considerable benefit in adding SSSD to servers, who will be well > connected to the network anyway.
Actually, SSSD is still valuable on server systems (and is used very often in datacenters). The reason is that it can allow a server to ride out an outage in the LDAP and/or Kerberos server and still handle authentication and identity requests from its cache. We've expressed interest several times in working WITH other platforms to help them port the SSSD, but we've received no real commitment to assisting with it. We have a lot on our plates already, so it is difficult for us to justify spending time improving our competitors' offerings :) Also, SSSD has additional features with FreeIPA integration that nss_ldap and pam_krb5 do not. Specifically, it has support for managing access-control using FreeIPA's host-based access control model. This is a very valuable piece of the puzzle and should not be ignored.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users