[SASAG] OS X and Open Directory versus Windows and Active Directory

mark foster mark at foster.cc
Sun May 13 11:39:16 PDT 2007


Berry Sizemore wrote:
> I'm very interested in looking at TCO, pro/coc and benefits comparison
> analyses, or any other documentation that clarifies why I would stay
> with OD or chose to integrate AD.
I would say that switching to AD / ditching OD is a drastic and
irresponsible move given your proposed timeline. One week? Why not run
them side-by-side for an eval period to see what the impacts are and
determine what workarounds there are, if any? I do not believe AD is
going to service any of your constituents sufficiently other than the
Microsoft systems.

Where I work, we run AD as our primary directory but use OpenLDAP to
service the *nix systems as AD does not have the necessary attributes
(uid/gid/homedir) to make for usable solution. Sure we tried extending
schemas MS SFU, winbind (from samba) & looked at Vintella and Centrify
which are commercial solutions to bridge AD and Unix/Linux world, but in
the end decided all too costly or complex. So we run two directory
services, keep the UIDs uniform and make the best of it.

-- 
Said one park ranger, 'There is considerable overlap between the 
 intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark at foster.cc>  http://mark.foster.cc/




More information about the Members mailing list