[BBLISA] Open source AD alternative

Dean Anderson dean at av8.com
Mon Feb 21 17:36:28 EST 2011 

This is not as hard as you might think, but still a lot of work.

You need some things:
	kerberos5 
	directory service 
	RPC integrated with k5 and directory service
	Optional: Distributed File System (few sites use DFS from either 
		OSF or M$, but its the same thing)

On that layer, you can do cool things like group policy, etc.

Microsoft ActiveDirectory is based o a reimplementation of OSF DCE, from
the OSF Application Environment Specification (AES). Microsoft liked
DCE, but determined that it was cheaper to re-implement it than to
licence source from OSF.  The good news is that while DCE is slightly
crufty 18 year code, it still works with MS, and OSF has made the code
GPL. So you could, conceivably, update it to run on modern unix systems.  
Then you will need to re-implement the group policy and other
enhancements made by M$ over the years.

Another enhancement that MS did was in the actual directory service
implementation.  MS used LDAP, while OSF used a cell directory service
from Apollo and HP. OSF also included an X.500 service that almost no
one used at the time, but in retrospect was obviously the way to go.

The easy part of the work is changing to ANSI c, updating stdarg, etc.  
The hard part is a pthread4 adapter. Fortunately, Jim Doyle and others
have done a lot of work on that. I can get you a copy if need be.

M$ RPC is completely compatible with OSF DCE on the TCP stack, but they
made a trivial change to the UDP stack. I've been meaning to update the
OSF RFC to reflect the MS changes, but it hasn't been pressing.  Let me 
know if you intend to go this route, and I'll see what I can do to help 
out.

		--Dean



On Fri, 18 Feb 2011, Warren Luebkeman wrote:

> We are a software company up in NH, and have developed a free/open source
> Linux Active Directory server based on Samba.  The objective of this project
> was to create an AD alternative that was easier to use, and accessible to
> anyone regardless of expertise.  Its mostly geared towards small businesses,
> but is also being used in schools on large networks.
> 
> We are looking for people to download/test the beta of the software we
> released earlier this week.  If any of you are IT consultants that work with
> small businesses, I think this could be a very useful tool for you.
> 
> Let us know what you think!
> 
> http://www.resara.org
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 256 5494

More information about the bblisa mailing list