AuthenticationInter-Operabilitywith FreeIPA

MS AzMan

By Microsoft

Proprietary code, but free

User authentication store

DOES NOT BELONG TO THIS DIAGRAM

Any

AD, ADAM, SQL Server, etc.

Is ActiveDirectoryMembershipProvider compatible with FreeIPA?

Is ActiveDirectoryMembershipProvider compatible with FreeIPA?

But non-Windows integrated authenticationrequires integration code to read users / groups(custom principals)

My guess is it is compatible with FDS

But use of the AzMan console for non-Windows identitiesrequires custom user interface using AzMan API

My guess is it is no different than with ADAM, which is documented

Can FreeIPA simulate a Window identity?

Can FreeIPA simulate a Window identity?

r

Excerpt from http://msdn.microsoft.com/en-us/library/aa480244.aspxAuthorization Manager can work with Windows integrated authentication types (in other words, those that result in a Windows logon token) at runtime, or ADAM authentication that yields Security Identifiers (SIDs), ADFS which issues claims, or even custom authentication types such as a SQL Server that could work similarly. The type of authentication chosen can imply features supported and integration requirements. For more information about choosing the appropriate authentication model, see the Microsoft patterns & practices site at http://msdn.microsoft.com/practices/ and the Security Guidance Center for Developers at http://msdn.microsoft.com/security/.

FreeIPA

By Red Hat

Open source

Policy store

XML stored in Fedora DS

Format: FreeIPA / NG Relax

OpenAzMan

By Tela-Group

To develop!

LGLP open source

Because we use NetSQLAzMan's code

Cost to develop?

NetSQLAzMan

By Andrea Ferendeles

LGLP open source

We can change the code

An improved version of MS AzMan

Main topic