Parallels Desktop 8 for Mac is lets you seamlessly run Windows and Mac applications side-by-side

Login | Register

Post new topic Reply to topic  [ 4 posts ] 

Tue Aug 30, 2011 9:35 pm

Offline
Joined: Tue Aug 30, 2011 9:16 pm
Posts: 2

Please help with my dilemma - all and any advice and comments will be appreciated. I can't seem to get anyone to respond to this question no matter where I ask it!


We are planning to implement a single national user accounts directory and single email domain for all our offices.

Currently, our head office has an OD serving 200 clients, while our other offices don't use any form of directory services at all.

The question is: what kind of Directory and Authentication services should we implement? What are other people doing?

The Desirable Qualities we're looking for is:

Stability, directory shouldn't get corrupted every second week.
Ability to manage preferences of Mac OS X and Windows clients
Open and easy to integrate with other systems incl:
RADIUS - in order to use 802.1x
PHP for our Intranet site
FileMaker database
Low TCO
Future proof: continued development, stillsuitable in foreseeable future, scalable.

The following are 4 possible candidates:
- OD
- AD
- FreeRADIUS with OpenLDAP
- Novell

Looks like AD is the norm everyone goes for with an extended scheme or OD pointing to it to check for users, groups.

Ideally, I'd like to use an open source free solution like FreeRADIUS and OpenLDAP, however, I can't find information on doing this?

Similar post, but no replies: https://discussions.apple.com/message/15941406#15941406

Please help, need to make a move soon.



Top Top
  Profile

Wed Aug 31, 2011 10:55 am

Offline
Site Admin
Joined: Wed May 12, 2010 7:45 pm
Posts: 179

I'd say try Open Directory, so you're up on the learning curve. You're already using it, and your network is relatively small (in an enterprise sense).

Active Directory is an investment in time and resources, and it sounds like you're commited to Open Source.

If you want to go Mac, for 200 clients, Snow Leopard Server would do everything you list, and includes Open Directory and RADIUS and mail. Of course, it's no longer sold by Apple. I can't recommend Lion Server, however, for a production enterprise environment.

_________________
John Rizzo
MacWindows.com



Top Top
  Profile

Thu Sep 01, 2011 12:19 am

Offline
Joined: Tue Aug 30, 2011 9:16 pm
Posts: 2

Thank you MacWindows for your advice.

You make some really good points - the fact that we don't have to re-learn something or reconfigure all computers in our head office is certainly a big plus working in Open Directory's favour and makes me rethink that this may be the best way to go.


The concerns I have with Open Directory though are:

OpenDirectory is unstable, every now and then issues re-emerge where the directory becomes corrupt and we have to set accounts to Crypt passwords to be able to delete or make any changes to accounts - sometimes setting to crypt doesn't even work anymore, users stop being able to authenticate to the server, etc. At this stage we demote it to a standalone server and promote it to an OD Master again, re-import users and groups and reset all passwords. This fixes this ever reoccuring bug, but having to redo this everytime makes me anxious about using it on a national scale. I must admit however that this hasn't happened lately on Snow Leopard. Perhaps OD on Snow Leopard is more stable than it's ever crashing Leopard predecessor? We haven't used Snow Leopard that long.

Secondly, Apple seems to be moving away from the Enterprise with early adopters of Lion Server not having much success with Open Directory. If it becomes unsupported and we later need to move away from OD, it would've been better to pick something else from the start.

Contemplating.



Top Top
  Profile

Thu Sep 01, 2011 6:10 pm

Offline
Site Admin
Joined: Wed May 12, 2010 7:45 pm
Posts: 179

I wouldn't recommend deploying any brand new server software in a production environment, and Lion Server 10.7.1 is no exception. There are certainly bugs. If you're considering it, wait till things shake out in terms of updates. But, it is only $80, not too much to invest in testing it. Not that I'm pushing it.

_________________
John Rizzo
MacWindows.com



Top Top
  Profile
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC - 8 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum


Search for:
Jump to:  
cron

OS X Mountain Lion Server for Dummies
By John Rizzo

Simplifies the installation, configuration, and management of Apple's OS X Server software. Support Mac and Windows clients for file sharing, email, and directory services; Install software to your iOS devices and Macs. Incorporate a Mac subnet into a Windows Active Directory domain, manage Mac and Windows clients, and configure security options, and more. Click here for more.

Serving the cross-platform community since November 15, 1997. Copyright 2010-2013 John Rizzo. All rights reserved.
Powered by phpBB