"Back to Resara, does it handle Likewise or Centrify? " Yes, we are using Likewise at several locations. Works like a charm!
On Fri, Jan 27, 2012 at 4:02 PM, Tom Buskey <t...@buskey.name> wrote: > > > On Fri, Jan 27, 2012 at 2:47 PM, Ben Scott <dragonh...@gmail.com> wrote: > >> On Fri, Jan 27, 2012 at 12:35 PM, Warren Luebkeman <war...@resara.com> >> wrote: >> > Yes, its an Active Directory DC, and can host FSMO roles. Once you >> have the >> > domain setup, you can create/manage standard AD group policies via >> > Microsoft's group policy tools. >> >> *Very* impressive. You can bet I'll be checking this out. Thanks >> for the info. >> > > The Samba folks have been trying to do this for a long time too. I have > been in the middle of a migration from AD on Win 2000 to Win 2003 to Win > 2008 and implementing GPOs. It's worth having them. > > >> >> For those *nix-heads on the list wondering what all this >> gobbledygook is about: >> >> Active Directory (AD) is Microsoft's directory service. It manages >> things like users, groups, email addresses, passwords, computers, etc. >> It's vaguely LDAP based. A Domain Controller (DC) is a server >> hosting the AD services. In order to do just about anything with >> MS-Windows on a network at a business, you need AD. >> >> > > It is LDAP with Kerberos wrapped in (in a proprietary way). I have to > admin AD and a Solaris LDAP server. As a Unix bigot (like most of us here > :-) I wish I could get off the LDAP and use AD where it has been done right. > > AD also does DNS (static and dynamic) and DHCP very well. We use it and > not BIND with all our Unix boxes. > > >> DCs are mostly peers. The FSMO roles (Flexible Single Master >> Operation) are a handful of special tasks which need to be assigned to >> a single DC. One is responsible for generating unique IDs, for >> example. >> > > Replication and redundancy (only one needs to be up). Again, AD does this > easily with a few clicks. > > >> >> Group Policy Objects (GPOs) are how Windows computers are managed. >> Pretty much everything about Windows management starts there. >> > > With our GPOs, we've going from hours configuring a PC (300+ files need > specific permissions and auditing set) to minutes. If it gets out of spec, > the GPO resets it. > > I'm looking to puppet/CFengine/chef to do something similar for the Unix > boxes. If it works 1/2 as well as the GPOs to, I'll be happy. > > >> >> The ability to do the above means a Linux server can handle the >> proper care and feeding of Windows clients. >> >> > AD is a case where MS really did things right. > > Back to Resara, does it handle Likewise or Centrify? These are products > that allow a Unix client (Linux, Solaris, MacOSX) to use AD for its > authentication. If you have an AD environment, it's more secure for > authenticating then NIS and. > > > > _______________________________________________ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ > > -- Warren Luebkeman Partner, COO Resara LLC 888.357.9195 www.resara.com
_______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
