enterprise-ubuntu team mailing list archive

Thread
Date

Re: Fwd: Questions: Active Directory integration of linux clients

To: enterprise-ubuntu@xxxxxxxxxxxxxxxxxxx
From: Darryl Weaver <darryl.weaver@xxxxxxxxxxxxx>
Date: Fri, 07 Dec 2012 23:24:37 +0000
In-reply-to: <CANkcPmQTExHoh1a8WEv3D=L=RmRv1YFaNV9UAp0P_DesRmkCFw@mail.gmail.com>
Organization: Canonical UK Ltd
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/17.0 Thunderbird/17.0

Hi All,

Just to update you all on how I see it at Canonical.

Active Directory integration has always been a bit of an issue and so
many commercial products have popped up to fill this gap.
Then there are the open source tools from various sources, such as
winbind from the Samba 3 project and sssd from Redhat.

But it looks like the best tool for integrating with Active Directory
going forward is likely to be the Samba 4 project as this has been 10
years in production and is, finally, nearing production quality.

So, for the moment there are many different solutions and it depends on
your requirements as to which is the best fit.

But I fully expect by the next LTS release Ubuntu will be shipping with
a production quality Samba 4 implementation allowing complete
interoperability with a standardised open source product.  This will
allow Ubuntu to operate as an AD server or client with minimal fuss.

But, in the meantime, it is a difficult issue as no one product fits
everyone's requirements.

The best we can do is document the pros and cons of each solution so we
can easily make informed decisions on which product to choose.

Best Wishes,

Darryl Weaver
Sales Engineer,
Canonical
Desk: +44 (0)207 630 2400 ext 507516
Mobile: +44 (0)7720088049
GPG FPR: EA3F 3805 9347 87EC 9CBB 8C1E DADC 82C9 B16B 0403

On 06/12/12 20:13, Chris Rowson wrote:
> Sorry - accidentally replied to sender rather than list.
> 
>     On 05.12.2012 15:04, Chris Rowson wrote:
>     I have always found it hard to understand why Canonical just don't
>     includeLDAP/AD authentication as an option out of the box like
>     RedHat do <snip> 
> 
>  
> 
>     On Thu, Dec 6, 2012 at 4:34 PM, Timo Aaltonen <tjaalton@xxxxxxxxxx
>     <mailto:tjaalton@xxxxxxxxxx>> wrote: 
> 
>     <snip>
>     Edubuntu is experimenting with this, and I've discussed it with
>     Stephane Graber about what it should look like once implemented
>     "properly" (by modifying user-setup, allowing preseeding et al).
>     Probably not going to happen for 13.04, but maybe the next release
>     and definitely for the next LTS.
>     <snip>
> 
> 
> That is really encouraging Timo. I hope we do see OOTB LDAP/AD auth
> soon. I imagine that it is the lack of this which puts lots of
> enterprises off Ubuntu Desktop.
> 
> Cheers,
> 
> Chris
> 
> 
>

References

Questions: Active Directory integration of linux clients
From: Florian Bieber, 2012-12-04
Re: Questions: Active Directory integration of linux clients
From: Risberg, Ove, 2012-12-05
Re: Questions: Active Directory integration of linux clients
From: Chris Rowson, 2012-12-05
Re: Questions: Active Directory integration of linux clients
From: Timo Aaltonen, 2012-12-06
Fwd: Questions: Active Directory integration of linux clients
From: Chris Rowson, 2012-12-06