Enable user login to leverage a directory infrastructure

Registered by Mathias Gug on 2009-04-30

how can the user login leverage a directory infrastructure? what kind of functionality could be centralized? what type of information can be centralized? which tools currently exist to manage that information?

We'll look at the pam and nss components and ways to use a centralized directory infrastructure.

Some requirements: disconnected mode.

1. look at sssd from fedora and the freeipa project.
2. look at Likewise Identity Service (LWIS) - http://www.likewise.com/open_community/lwis.php
3. nsscache - http://code.google.com/p/nsscache/
4. nss+pam overlay from openldap

Blueprint information

Status:
Complete
Approver:
Rick Clark
Priority:
Medium
Drafter:
Mathias Gug
Direction:
Approved
Assignee:
Mathias Gug
Definition:
Approved
Series goal:
None
Implementation:
Implemented
Milestone target:
milestone icon karmic-alpha-6
Started by
Mathias Gug on 2009-08-27
Completed by
Steve Langasek on 2009-09-24

Related branches

Sprints

Whiteboard

Discussion and proposal moved to the wiki specification page.

sssd is in the NEW queue.

openldap 2.4.18 should have a cache overlay that supports disconnected mode. FF Exception required.

FFe granted. 2.4.18 uploaded to karmic.

sssd and OpenLDAP 2.4.18 are both in karmic, marking as implemented.

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.