[SASAG] OS X and Open Directory versus Windows and Active Directory

mark foster mark at foster.cc
Sun May 13 11:39:16 PDT 2007

Berry Sizemore wrote:
> I'm very interested in looking at TCO, pro/coc and benefits comparison
> analyses, or any other documentation that clarifies why I would stay
> with OD or chose to integrate AD.
I would say that switching to AD / ditching OD is a drastic and
irresponsible move given your proposed timeline. One week? Why not run
them side-by-side for an eval period to see what the impacts are and
determine what workarounds there are, if any? I do not believe AD is
going to service any of your constituents sufficiently other than the
Microsoft systems.

Where I work, we run AD as our primary directory but use OpenLDAP to
service the *nix systems as AD does not have the necessary attributes
(uid/gid/homedir) to make for usable solution. Sure we tried extending
schemas MS SFU, winbind (from samba) & looked at Vintella and Centrify
which are commercial solutions to bridge AD and Unix/Linux world, but in
the end decided all too costly or complex. So we run two directory
services, keep the UIDs uniform and make the best of it.

Said one park ranger, 'There is considerable overlap between the 
 intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark at foster.cc>  http://mark.foster.cc/

More information about the Members mailing list