Subject says it all.
Can we use our corporate Sun DS 5.2 as authentication source? We also have a large AD domain that is synchronized from the corporate directory. Which of these two is best to integrate scalix with?
Thanks
Anders
Sun Directory server as authentication server?
Moderators: ScalixSupport, admin
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
Hi,
we currently support OpenLDAP and AD as well as eDirectory. These are the officially supported versions. You may get it to work with Sun, but you are on your own.
Personally, I have no preference over AD vs. OpenLDAP. Whichever you are more comfortable with, that's the one I would go with.
Cheers,
Sascha.
we currently support OpenLDAP and AD as well as eDirectory. These are the officially supported versions. You may get it to work with Sun, but you are on your own.
Personally, I have no preference over AD vs. OpenLDAP. Whichever you are more comfortable with, that's the one I would go with.
Cheers,
Sascha.
-
anders.ostling
ScalixSupport wrote:Hi,
we currently support OpenLDAP and AD as well as eDirectory. These are the officially supported versions. You may get it to work with Sun, but you are on your own.
Personally, I have no preference over AD vs. OpenLDAP. Whichever you are more comfortable with, that's the one I would go with.
Cheers,
Sascha.
well, in our case it would not be a "Ad vs OpenLDAP" since we dont want to add another directory just for the integration. Are there anybody that have tried to use Sun (former Netscape/iPlanet) as directory? Is so, what is the status?
Thankx
Anders
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
Anders,
you mentioned AD. Scalix integrates nicely with AD in terms of both authentication and directory synchronisation. That would be something that works out of the box. You could use a two-step process to sync your directory against AD which in turn syncs with SUN. That would work right now.
I believe there is no technical issue keeping you from using SUN DS 5.2 for authentication, my reply should have stated clearer that we don't officially support/document SUN DS for directory synchronisation . That is because we want to provide out-of-the-box support for popular directory services _and_ be able to support them by means of preconfigured synchronisation agreement files as templates.
That said, it is however certainly possible to use other systems- since we are an open system ;-)
Cheers,
Sascha.
you mentioned AD. Scalix integrates nicely with AD in terms of both authentication and directory synchronisation. That would be something that works out of the box. You could use a two-step process to sync your directory against AD which in turn syncs with SUN. That would work right now.
I believe there is no technical issue keeping you from using SUN DS 5.2 for authentication, my reply should have stated clearer that we don't officially support/document SUN DS for directory synchronisation . That is because we want to provide out-of-the-box support for popular directory services _and_ be able to support them by means of preconfigured synchronisation agreement files as templates.
That said, it is however certainly possible to use other systems- since we are an open system ;-)
Cheers,
Sascha.
Last edited by ScalixSupport on Thu Apr 27, 2006 10:20 am, edited 1 time in total.
-
florian
- Scalix
- Posts: 3852
- Joined: Fri Dec 24, 2004 8:16 am
- Location: Frankfurt, Germany
- Contact:
Anders,
adding to what Sascha (Support) said....
We already have a couple of customers already using Sun Directory Server for User Management, Group Management and Authentication; we do support the configuration through engagement of Scalix Professional Services (in EMEA, that's my group). What makes this fairly easy is that both OpenLDAP and Sun Directory Server (unlike AD) use a very much RFC-conformant schema, so they are highly similar in their data structures. The little differences between the two can be ironed out by the use of our LDAP attribute mapping mechanism, which comes as a standard and is at the heart of Scalix' flexible backend directory integration. This is something you yourself could do based on our documentation or we could do it for you.
Using Active Directory on the other hand would have one advantage; if your clients are primarily Windows desktops with Outlook as a client and these workstations are members of the Active Directory Domain, the AD configuration would also give you true Kerberos-based Single Sign On (i.e. when starting Outlook, there would be no password checking at all if you have previously logged into the domain). This is because AD also offers the functionality of a Kerberos Key Distribution Center (KDC), which is beyond it's functionality as a LDAP directory. Sun Directory and OpenLDAP do not offer this without additional software and highly complex configuration.
Hope this helps,
Florian.
adding to what Sascha (Support) said....
We already have a couple of customers already using Sun Directory Server for User Management, Group Management and Authentication; we do support the configuration through engagement of Scalix Professional Services (in EMEA, that's my group). What makes this fairly easy is that both OpenLDAP and Sun Directory Server (unlike AD) use a very much RFC-conformant schema, so they are highly similar in their data structures. The little differences between the two can be ironed out by the use of our LDAP attribute mapping mechanism, which comes as a standard and is at the heart of Scalix' flexible backend directory integration. This is something you yourself could do based on our documentation or we could do it for you.
Using Active Directory on the other hand would have one advantage; if your clients are primarily Windows desktops with Outlook as a client and these workstations are members of the Active Directory Domain, the AD configuration would also give you true Kerberos-based Single Sign On (i.e. when starting Outlook, there would be no password checking at all if you have previously logged into the domain). This is because AD also offers the functionality of a Kerberos Key Distribution Center (KDC), which is beyond it's functionality as a LDAP directory. Sun Directory and OpenLDAP do not offer this without additional software and highly complex configuration.
Hope this helps,
Florian.
Florian von Kurnatowski, Die Harder!
Who is online
Users browsing this forum: No registered users and 11 guests