| Managing Linux users the Active Directory way |
Apr. 13, 2006
So you want to manage Linux users, but your system administrators are lost without Microsoft's Active Directory? Centrify Corp. has an answer: Centrify DirectControl Suite 3.
With this program, you can use Active Directory (AD) to integrate Unix, Linux, Mac, J2EE, and LAMP (Linux, Apache, MySQL, PHP/Perl/Python) based web applications. The program also provides support for web-based single sign-on (SSO) and federated identity management. It does this by leveraging Microsoft's recently released ADFS (Active Directory Federation Services), which is included in Windows Server 2003 R2.
DirectControl 3 also integrates with Unix- and Linux-based open source infrastructure programs such as Samba and OpenSSH. The program supports 64-bit systems and the Windows Server 2003 R2 UNIX schema.
Other Windows/Linux management programs such as Vintela Inc.'s Vintela Authentication Services require changes to be made to the existing Linux identity and password management programs. Vintela's solution is to migrate Linux users to AD, while Centrify's approach enables AD administrators to manage Linux and Unix users without modifying the native Unix and Linux identity management systems.
Tom Kemp, CEO of Centrify, added that other such programs, like Novell's ZENworks 7, require administrators to learn a new management system, while Centeris Corp.'s Likewise is more of a deployment tool than an administrator's management suite.
In addition, Kemp pointed out that DirectControl supports many different flavors of Unix and Linux on different architectures. For example, the program can be used on AIX 5.1-5.3; HP-UX 11.11 and 11.23; Mac OS X; SUSE Enterprise Server 9; Red Hat Enterprise 3 and 4, as well as Fedora 3; and Solaris SPARC 8-10.
The program does this by having the administrator install an SSO module on the managed system. For intranets, DirectControl enables AD-based web-based SSO via Kerberos and LDAP (Lightweight Directory Access Protocol). For extranets, DirectControl leverages ADFS to provide federated identity management for both business-to-business and business-to-customer applications. It also supports NIS (Network Information Service) client authentication.
Of course, an expert in Linux, AD, and Samba administration can do all this by hand, and with scripts. But, that's the point -- it takes an expert and a lot of sweat. Kemp argues that with DirectControl, administrators can get Linux and Windows networks integrated and working in harmony using their existing AD skill sets.
"At RadioFrame, we wanted to integrate our Sun Solaris and Windows environments so that our users could focus on doing their work and not waste time each day having to remember and type in multiple user names and passwords," said Christopher Smith, IS manager at RadioFrame Networks. "We were impressed that within minutes, we could get DirectControl up and running and working seamlessly with Samba, something that was not possible with alternatives we considered."
Kemp said that by extending ADFS to web-based applications running on non-Microsoft web platforms, you can use it to manage Apache and J2EE application servers without having to deploy any additional federated identity software. By default, ADFS enables distributed IIS (Internet Information Services) application identification, authentication, and authorization across extranets. The result is that Centrify can deliver web-based SSO on both intranets (for internal users) and extranets (for customers and business partners) for a minimal upfront investment.
Centrify DirectControl 3 will become available April 18. Licenses start at $50 per workstation and $300 per server. To receive an evaluation copy of DirectControl, visit the trial Website.
-- Steven J. Vaughan-Nichols
Do you have comments on this story?
Talkback here
NOTE: Please post your comments regarding our articles using the above link. Be sure to use this article's title as the "Subject" in your posts. Before you create a new thread, please check to see if a discussion thread is already running on the article you plan to comment on. Thanks!
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
news feed