An integrated direcotry server for Ubuntu-server

Registered by Guy Van Sanden

Ubuntu has a very strong desktop product, but to deploy it in any organisation we need a directory service of some kind. The most likely candidate is OpenLDAP and Kerberos with some management tools (frontends, debconf, webpages).

This would eliminate the need to custom build a system or to go outside Ubuntu (like Active Directory).

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

I'm currently working on a script (in perl) that gets a list of all users in an LDAP directory and fetches their Kerberos principals. It sends an E-mail to them when their account or password is about to expire. Such functionality can be part of the ubuntu-directory-service

PS: Please do NOT assign specs to people or teams.

graeme: I'm not sure writing little commandline scripts is the way to go, given that there are a few full directory servers in development now that could be packaged up for use in Ubuntu. See: FreeIPA (http://freeipa.org/page/Main_Page), Apache Directory (http://directory.apache.org/). It would probably be better to get one of these well packaged / integrated in Ubuntu, and help them increase their levels of support with other operating systems (like Windows) than to start writing something from scratch.

guy: @graeme I agree, but back in 2006 (when I registered this spec), those projects didn't exist.
The script I mentioned was finished and is already in maintenance phase (http://nocturn.vsbnet.be/project/k5expire).
The latest versions of libpam_krb5 already warn about account/password expiration (though I still prefer the e-mail way).

Jones: Please dear Ubuntu people dont reinvent the wheel! Please work closely with the freeipa guys! We dont need more home grown partial solutions and diversity. In this field we need one well designed thing that works across all major distributions of linux/bsd/solaris and plays nicely together with os x and windows! Imagine how cool it would be if the average sysadmin could provide central identity management for all worlds. That would surely be a major step towards broader linux/open-source adoption!

(?)

Work Items

Dependency tree

* Blueprints in grey have been implemented.