← Back to team overview

enterprise-ubuntu team mailing list archive

Re: Authentication in Ubuntu

 

I'm interested in this. Sorry I didn't attend the last UDS. I can't seem to
log into the wiki. Do I need permission for such?

I agree coming up with a preferred solution would be wonderful. The choices
can be overwhelming. Some thoughts:

   -

   pam-ccreds/nss-updatedb - I find this introduced considerable lag
into a system with < 500 users.

   - SSSD - I've run into trouble from what I suspect is not having the
   unix attributes in Active Directory. If I cared enough I could change this.
   All new versions of Windows Server support this right? Looks like SSSD
   wants to eventually support this.
   - Samba - Samba3 client works fine for me so far in a trial group. I
   want to try out Samba4 this summer both client and server. Of note a LOT of
   people have AD and with samba4 one doesn't need Microsoft's implementation.

Something to watch is Zentyal. Their next
version<http://www.zentyal.org/archives/2012/11/06/1117-tentative-zentyal-3-2-roadmap-published/>is
supposed to have desktop client support.
Edubuntu also has plans
<http://edubuntu.org/2012-10-27/edubuntu-at-uds-r>for this.

Needs I have and feel strongly about:

   - Folder redirection and friendlier mounts. As
discussed<https://lists.launchpad.net/enterprise-ubuntu/msg00077.html>.
   Doesn't seem to be any solution.
   - First log in issues. Described in my
blog<http://davidmburke.com/2012/04/26/ubuntu-12-04-deployment-with-active-directory/>.
   In short first log in in Ubuntu can fail if networking is not up. My work
   around (pingtest) is not ideal because if credentials are cached it's
   wasting time. It should be handled by pam. I think the ideal logic should
   be:
   Attempt log in (local, cached credentials, etc)
   If failed AND some network auth is present AND networking is not settled:
      display a friendly message with cancel button "Waiting for network
   connection"
      wait until networking succeeds or fails in connecting

Best,
David



On Tue, May 21, 2013 at 10:40 AM, Bolesław Tokarski <
boleslaw.tokarski@xxxxxxxxx> wrote:

> Hello,
>
> I am trying to execute some of the points we started at the last physical
> UDS (https://wiki.ubuntu.com/**Enterprise/Needs<https://wiki.ubuntu.com/Enterprise/Needs>)
> and took up the topic of authentication.
>
> I did some analysis of the open-source options there are and summarized it
> in an email to the ubuntu-devel-discuss mailing list (
> https://lists.ubuntu.com/**archives/ubuntu-devel-discuss/**
> 2013-May/014518.html<https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2013-May/014518.html>
> )
>
> Is there anyone interested in discussing the topic? I hope to get a vUDS
> session about this next UDS, in the meantime we can get some consensus. I
> would like to find the people that should attend such a discussion due to
> their involvement in this area. I believe we have such people on this list
> already, but feel free to involve anyone who you believe should be part of
> such discussion.
>
> In the meantime I'd like to create some action points in our
> https://wiki.ubuntu.com/**Enterprise <https://wiki.ubuntu.com/Enterprise>wiki. I entered "Current activities" that includes a reformat of the
> aforementioned email.
>
> Please review it and give feedback. There has not been much response on
> that ubuntu-devel-discuss mailing list, perhaps we should fix the
> authentication issues ourselves.
>
> Cheers,
> Ballock
>
> --
> Mailing list: https://launchpad.net/~**enterprise-ubuntu<https://launchpad.net/~enterprise-ubuntu>
> Post to     : enterprise-ubuntu@lists.**launchpad.net<enterprise-ubuntu@xxxxxxxxxxxxxxxxxxx>
> Unsubscribe : https://launchpad.net/~**enterprise-ubuntu<https://launchpad.net/~enterprise-ubuntu>
> More help   : https://help.launchpad.net/**ListHelp<https://help.launchpad.net/ListHelp>
>

Follow ups

References