Is OpenLDAP a viable alternative to Windows LDAP?

linux ldap openldap

Microsoft Active Directory is (mainly) just an LDAP server, some pre-cooked schemas and some tools for interacting with it and Kerberos. OpenLDAP is pretty much a drop-in replacement for the former.

While you could design your own AD compatible schemas (or if you already have an AD schema, just import it into openLDAP) and write your own tools for managing the datasets there are solutions runing on top of openLDAP available, e.g. GoSA, freeIPA see the samba wiki for more stuff

Not sure where Samba 4 has got to (its expected to add drop-in replacement functnioality for MSAD).


Absolutely. This is generally provided by pam_ldap. There is a specific schema that needs to be imported to the OpenLDAP directory to get the right attributes you need to use it as a Unix authentication source, but it works very reliably.

Related

How to log every login (SSH) on FreeBSD
Mass delete mapped & local printers
What Group Policy settings MUST be set within the Default Domain Policy?
Why VPN when I can just use SSH keys?
how to check connectivity to server by windows tools?
Why does chef list my node name as "localhost"?
How do I Increase the log level of Fetchmail?
kvm low io performance
SAN or NAS 100-200TB - where to start looking? [closed]
SSL Library Error: 218570875 error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
CentOS disable filesystem check: superblock last mount time is in the future
Unable to receive any emails using postfix, dovecot, mysql, and virtual domain/mailboxes